### Brief description:

SQL injection vulnerability on the official HDWiKi website. I found it one evening last month when I was bored, and only remembered it just now when I got to the internet cafe. This really shouldn't exist on the official site. Off topic: when is the WooYun meetup in Beijing? I'm getting ready to come to Beijing and would like to meet all sorts of friends.

### Detailed description:

```
http://kaiyuan.hudong.com/template.php?action=stat&id=554

Target: http://kaiyuan.hudong.com/template.php?action=stat&id=554
Host IP:203.81.18.108
Web Server: Apache
DB Server: MySQL >=5
Current DB: kaiyuan_cms
Data Bases: information_schema
            kaiyuan_cms
```

![](https://images.seebug.org/upload/201207/1817084093678aa6609d86999196dd87617ffe0d.jpg)

![](https://images.seebug.org/upload/201207/18170922bcfcfadbdde7e70fd39bb2a3d191e3d4.jpg)

### Proof of vulnerability:

```
http://kaiyuan.hudong.com/template.php?action=stat&id=554

Target: http://kaiyuan.hudong.com/template.php?action=stat&id=554
Host IP:203.81.18.108
Web Server: Apache
DB Server: MySQL >=5
Current DB: kaiyuan_cms
Data Bases: information_schema
            kaiyuan_cms
```

![](https://images.seebug.org/upload/201207/18170922bcfcfadbdde7e70fd39bb2a3d191e3d4.jpg)