CVE-2023-34600 PoC — Adiscon LogAnalyzer SQL注入漏洞

Source

Associated Vulnerability

Title:Adiscon LogAnalyzer SQL注入漏洞 (CVE-2023-34600)
Description:Adiscon LogAnalyzer是一套系统日志和其他网络事件数据的Web前端工具。该工具提供日志浏览、搜索和基本分析以及图表显示。 Adiscon LogAnalyzer v4.1.13及之前版本存在安全漏洞，该漏洞源于容易受到SQL注入攻击。

Description

CVE-2023-34600

Readme

# Exploit Title: Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection.
# Date: 2023-06-20
# Exploit Author: Pedro (TW)
# Category : Webapps
# Vendor Homepage: https://loganalyzer.adiscon.com/
# Version: v4.1.13 and before
# Tested on: Linux
# CVE : CVE-2023-34600



[Reference]
https://loganalyzer.adiscon.com/

------------------------------------------

File Snapshot


 [4.0K]  /data/pocs/e9578ee267550436ab8941ebb5218b0bd6e97040
└── [ 374]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!