漏洞描述
company-financial-management是肯尼基蛙(Kenj_Frog)个人开发者的一个公司财务管理系统。 company-financial-management 1.0版本存在注入漏洞,该漏洞源于对参数sort的错误操作会导致SQL注入。
company-financial-management 注入漏洞
PoC代码
暂无相关漏洞推荐
- Angeljudesuarez Student_management_system注入漏洞(CVE-2025-14967)
- Codeastro Real_estate_management_system注入漏洞(CVE-2025-14899)
- Codeastro Real_estate_management_system注入漏洞(CVE-2025-14897)
- Campcodes Advanced_voting_management_system不正确的权限分配漏洞(CVE-2025-14889)
- Oracle Identity Manager /iam/governance/applicationmanagement/api/v1/applications/groovyscriptstatus;.wadl 命令执行漏洞(CVE-2025-61757)
- POC seeyon-a8-management-monitor-default-password: A8 Management Monitor Default Password
- POC canteen-management-2022-xss: Canteen Management 1.0 2022 XSS Reflected
- POC gcloud-lifecycle-management-not-enabled: Enable Lifecycle Management for Cloud Storage Objects
- POC esafenet-doc-management-rce: 亿赛通 Doc Management RCE
- POC netmizer-log-management-cmd-php-rce: NetMizer 日志管理系统 cmd.php 远程命令执行漏洞
- POC netmizer-log-management-data-directory-traversal: NetMizer 日志管理系统 data 目录遍历漏洞
- POC seeyon-management-default-password: 致远OA存在默认口令导致敏感信息泄露
- POC zheda-ente-customer-resource-management-system-fileupload: 浙大恩特客户资源管理系统任意文件上传