漏洞描述
company-financial-management是肯尼基蛙(Kenj_Frog)个人开发者的一个公司财务管理系统。 company-financial-management 1.0版本存在注入漏洞,该漏洞源于对参数sort的错误操作会导致SQL注入。
company-financial-management 注入漏洞
PoC代码
暂无相关漏洞推荐
- POC seeyon-a8-management-monitor-default-password: A8 Management Monitor Default Password
- POC canteen-management-2022-xss: Canteen Management 1.0 2022 XSS Reflected
- POC gcloud-lifecycle-management-not-enabled: Enable Lifecycle Management for Cloud Storage Objects
- POC esafenet-doc-management-rce: 亿赛通 Doc Management RCE
- POC netmizer-log-management-cmd-php-rce: NetMizer 日志管理系统 cmd.php 远程命令执行漏洞
- POC netmizer-log-management-data-directory-traversal: NetMizer 日志管理系统 data 目录遍历漏洞
- POC seeyon-management-default-password: 致远OA存在默认口令导致敏感信息泄露
- POC zheda-ente-customer-resource-management-system-fileupload: 浙大恩特客户资源管理系统任意文件上传
- POC panasonic-network-management: Panasonic Network Camera Management System - Detect
- POC amr-printer-management-unauth: AMR Printer Management Dashboard - Exposure
- POC hpe-system-management-anonymous-access: HPE System Management Anonymous Access
- POC qvidium-management-system-exposed: QVidium Management System Exposed
- POC 3cx-management-console: 3CX Management Console - Local File Inclusion