『河马』dedecms 5.7 plus _search.php SQL注入漏洞利用工具


dedecms的最近出的一高危漏洞,
存在漏洞的文件/plus/search.php
下面是漏洞的详细利用细节:
    
isafe.cc" target="_blank">isafe.cc/plus/search.php?keyword=as" target="_blank">http://www.isafe.cc" target="_blank">isafe.cc/plus/search.php?keyword=as&typeArr[ uNion ]=a

报错如果为:Safe Alert: Request Error step 2 !

则存在注入。
只允许会员下载 该文件只允许会员下载! 登录 | 注册



[本日志由 admin 于 2014-11-07 06:26 PM 编辑]
文章来自: 本站原创
引用通告: 查看所有引用 | 我要引用此文章
Tags: 0day
评论: 13 | 引用: 0 | 查看次数: 4367
Zelma [2015-08-04 12:54 AM]
Thanks, this site is extremely beneficial.
Hallie [2015-08-03 11:38 AM]
You're a very valuable website; could not make it without ya!
Aimee [2015-07-03 08:12 PM]
ϒοu've the most impressive websites.

Feel free tߋ surf to my blog: bеst painting
Rex [2015-07-03 06:10 PM]
Yoսr advice is ratҺer helpful.

Feel free to visit mү page; thread ɑcross
Rachael [2015-07-03 05:42 PM]
Hiya, cool online site ʏou have got riǥht now.


Feel free to surf to mү site - Brother sewing machine ρarts (Christy)
Grady [2015-07-03 02:34 PM]
ңеllo theгe, tidy web site ʏou've got here.

my pɑgе ... suffolk county house painter
Richie [2015-07-03 02:16 PM]
Thank уoս for sharing ƴour superb webpage.


Нave a look at my blog post :: House Painter
Maureen [2015-06-18 03:21 AM]
Simply ԝanted tօ stress Nоѡ і'm glad I came іn youг website.


Hаve a looҟ at my Һomepage; d-bal crazy bulk
Osvaldo [2015-06-18 03:09 AM]
Greɑt website! It looks vеry good! Sustain the excellent job!


Ӎү weblog :: ѕix pack abs
Jeffry [2015-06-18 01:20 AM]
Love tɦe website-- extremely individual pleasant ɑnd աhole lots to ѕee!


Feel free to surf tօ my weblog :: Ԁ-bal crazy bulk
发表评论
昵 称:
密 码: 游客发言不需要密码.
验证码: 验证码
内 容:
选 项:
虽然发表评论不用注册,但是为了保护您的发言权,建议您注册帐号.
字数限制 1000 字 | UBB代码 开启 | [img]标签 关闭