WUZHICMS-SQL-Injection
WUZHICMS v4.1.0: the function checktitle() in /coreframe/app/content/admin/content.php has a SQL injection.
- /coreframe/app/content/admin/content.php: `$title` is user-controllable; the only filter applied to it is remove_xss(), so the question is whether that filter can be bypassed.

- /coreframe/app/core/libs/function: remove_xss() filters the comma character (","), so payloads such as [updatexml(1,concat(0x7e,(SELECT @@version),0x7e),1)] cannot be used, but time-based blind SQL injection still works.
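The root cause described above is that the title value is run through a blacklist filter and then still built into the SQL string. The following is an added illustration, not WUZHICMS code: `check_title_unsafe()` mimics that pattern with a comma-stripping filter, and `check_title_safe()` shows the fix, a prepared statement. The table name, column name and function names are assumptions, and the in-memory SQLite database is constructed here so the example runs offline.

```php
<?php
// Added example (not from WUZHICMS). Contrasts a filter-then-concatenate
// pattern with a parameterised query. Names and schema are assumptions.

// Stand-in for a comma-stripping blacklist filter like the one the advisory
// describes. It removes one character but does nothing about quotes.
function filter_like_remove_xss(string $value): string
{
    return str_replace(',', '', $value);
}

// Vulnerable pattern (illustrative): the filtered value is still concatenated
// into SQL, so any single quote in the input reaches the SQL parser.
function check_title_unsafe(PDO $db, string $title): bool
{
    $title = filter_like_remove_xss($title);
    $sql = "SELECT COUNT(*) FROM content WHERE title = '$title'";
    return (int) $db->query($sql)->fetchColumn() > 0;
}

// Hardened version: the value is bound as a parameter and is never parsed
// as SQL, so no blacklist is needed at all.
function check_title_safe(PDO $db, string $title): bool
{
    $stmt = $db->prepare('SELECT COUNT(*) FROM content WHERE title = :title');
    $stmt->execute([':title' => $title]);
    return (int) $stmt->fetchColumn() > 0;
}

// Constructed in-memory database so the example runs without MySQL.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE content (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO content (title) VALUES ('O''Brien')");

// A perfectly legitimate title that happens to contain an apostrophe.
$input = "O'Brien";

var_dump(check_title_safe($db, $input));   // bool(true): looked up as a literal

try {
    var_dump(check_title_unsafe($db, $input));
} catch (PDOException $e) {
    // The apostrophe closed the string literal and broke the statement:
    // proof that user input is being interpreted as SQL syntax.
    echo "unsafe query failed: ", $e->getMessage(), "\n";
}
```

The failing query in the unsafe branch is the diagnostic to look for when auditing this kind of code: if a quote in ordinary input can change how the statement parses, the input is part of the query, and stripping individual characters in a filter such as remove_xss() does not change that. Moving the value into a bound parameter is the fix; the filter can then be kept for its XSS purpose only.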
- Find the injection point in the web site.

- Find the constructed statement; on submit, the controllable variable “title” is found.

- MySQL user:


