CVE-2021-27947 MyBB後台論壇複製SQL注入漏洞

From PwnWiki
Revision as of 10:46, 21 March 2021 by Pwnwiki (talk | contribs) (Marked this version for translation)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Other languages:
Chinese • ‎español • ‎中文(繁體)‎

影響版本

< 1.8.26

漏洞利用

首先創建一個論壇:

5.jpg

注意這裡要配置密碼為payload: 

1 and sleep(10) and '

接著在options裡點擊copy forum,可以看到成功延時。

Retrieved from "https://pwnwiki.com/index.php?title=CVE-2021-27947_MyBB後台論壇複製SQL注入漏洞&oldid=539"