CVE-2024-48307 PoC — JeecgBoot 安全漏洞

Source

https://github.com/iSee857/CVE-2024-48307-poc

Associated Vulnerability

Title:JeecgBoot 安全漏洞 (CVE-2024-48307)
Description:JeecgBoot是中国国炬（Jeecg）公司的一个适用于企业 Web 应用程序的 Java 低代码平台。 JeecgBoot v3.7.1版本存在安全漏洞，该漏洞源于通过组件 /onlDragDatasetHead/getTotalData 发现包含 SQL 注入漏洞。

Readme

博客地址：

https://blog.csdn.net/xc_214/article/details/144187649?sharetype=blogdetail&sharerId=144187649&sharerefer=PC&sharesource=xc_214&spm=1011.2480.3001.8118

批量检测：


python poc.py -f url.txt


单个检测：


python poc.py -u http://your-ip


![image](https://github.com/user-attachments/assets/31cfdf5e-189b-4059-a153-cd33f27802a6)

File Snapshot


 [4.0K]  /data/pocs/24ae4de55d59be9bd1a561c047eaa37472e72cf2
├── [2.0K]  CVE-2024-48307
└── [ 357]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!