Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-4257 PoC — BlueNet Technology Clinical Browsing System SQL注入漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-4257.yaml
Associated Vulnerability
Title:BlueNet Technology Clinical Browsing System SQL注入漏洞 (CVE-2024-4257)
Description:BlueNet Technology Clinical Browsing System是美国蓝网(BlueNet Technology)公司的一个临床浏览系统。 BlueNet Technology Clinical Browsing System 1.2.1版本存在SQL注入漏洞,该漏洞源于文件/xds/deleteStudy.php的参数documentUniqueId会导致SQL注入。
Description
A vulnerability was found in BlueNet Technology Clinical Browsing System 1.2.1. It has been classified as critical. This affects an unknown part of the file /xds/deleteStudy.php. The manipulation of the argument documentUniqueId leads to sql injection. It is possible to initiate the attack remotely.
File Snapshot

 id: CVE-2024-4257

info:
  name: BlueNet Technology Clinical Browsing System 1.2.1 - Sql Injection
 

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.