Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-44349 PoC — Anteeo WMS 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-44349.yaml
Associated Vulnerability
Title:Anteeo WMS 安全漏洞 (CVE-2024-44349)
Description:Anteeo WMS是Anteeo WMS公司的一个功能齐全的数据中心。 Anteeo WMS 4.7.34之前版本存在安全漏洞,该漏洞源于存在SQL注入漏洞,未经身份验证的攻击者可以通过用户名参数和泄露底层数据库中的一些数据来执行任意SQL命令。
Description
A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated attackers to execute arbitrary SQL commands via the username parameter and disclosure of some data in the underlying DB.
File Snapshot

 id: CVE-2024-44349

info:
  name: AnteeoWMS < v4.7.34 - SQL Injection
  author: iamnoooob,rootxharsh

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.