Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-31890 PoC — Enhancesoft osTicket SQL注入漏洞

Source
https://github.com/reewardius/CVE-2022-31890
Associated Vulnerability
Title:Enhancesoft osTicket SQL注入漏洞 (CVE-2022-31890)
Description:SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function.
Readme
# CVE-2022-31890 for osTicket | Support Ticketing System

Nickname:
```
> python nickname.py
# The output of the first nickname in the table.
```
Password:
```
> python password.py
# The output of the first password in the table.
```
Output to file:
```
> python dumpFile.py
> cat dump.txt || {{nickname}}::{{password}}
```
Output to console:
```
> python dumpConsole.py
# Output to console || {{nickname}}::{{password}}
```
File Snapshot

 [4.0K]  /data/pocs/d2fed15de82ca26c446e3aeb70fe249e826550b5
├── [1.7K]  dumpConsole.py
├── [1.9K]  dumpFile.py
├── [ 700]  letter.py
├── [ 886]  nickname.py
├── [ 886]  password.py
└── [ 425]  README.md

0 directories, 6 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →