Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time

Background administrator password reset vulnerability


vuln in /include/web_check.php

a

In line 54 of the file, three variables are Judge whether it is empty; test_input and verify_str are keywords to detect whether the string has SQL and XSS. Let's ignore it here.

In line 60 of the file

$query=$db_conn->query("select * from sc_user where user_email='".$umail."' and user_rzm='".$urzm."'");

The validity of $umail and $urzm is verified by database queries.Moreover, $urzm is generated by the random number Rand (10,10000). d And updated to the database in line 29

e Finally, the verification code is obtained by direct blasting with burp tool