Exploit for SQL Injection in Tongda2000 Tongda_Office_Anywhere CVE-2023-4166 CVE-2023-4165

Name: Exploit for SQL Injection in Tongda2000 Tongda_Office_Anywhere CVE-2023-4166 CVE-2023-4165
Rating: 5 (249 reviews)

2023-09-01 | CVSS 9.8

## https://sploitus.com/exploit?id=0706FF37-7CF7-5206-9AD7-46EDC9C282CC
# CVE-2023-4166

fofa：通达 OA

python3 CVE-2023-4165.py -h 
python3 CVE-2023-4165.py -u 单个url目标文件 
python3 CVE-2023-4165.py -f url.txt


![image](https://github.com/mvpyyds/CVE-2023-4166/assets/87457452/9acfe4e3-8c2f-4851-8d79-2b3364178fa7)
然后验证地址即可
![image](https://github.com/mvpyyds/CVE-2023-4166/assets/87457452/77cf8756-5cc5-4859-98ca-74f9447e7c7b)