Online Eyewear Shop 1.0 SQL注入漏洞及POC

从这个网页截图中，可以获取到以下关于漏洞的关键信息： 1. 漏洞描述： - 漏洞类型：SQL注入 - 受影响版本：Online Eyewear Shop Website 1.0 - 受影响文件：/oews/classes/Master.php?f=delete_product - 描述：在线眼镜店网站1.0在/oews/classes/Master.php?f=delete_product中存在SQL注入攻击，攻击参数为id。攻击者可以利用此漏洞直接从服务器获取敏感信息。 2. 漏洞利用： - POC（Proof of Concept）示例： - POST请求示例： - 响应： - 错误报告： ``` Stack trace: 1. [mysqli\_sql\_exception(191): call_user_func_array(\_call\_function\_callback, array(0))] 2. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 3. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 4. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 5. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 6. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 7. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 8. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 9. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 10. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 11. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 12. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 13. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 14. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 15. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 16. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 17. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 18. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 19. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 20. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 21. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 22. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 23. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 24. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 25. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 26. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 27. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 28. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 29. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 30. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 31. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 32. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 33. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 34. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 35. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 36. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 37. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 38. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 39. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 40. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 41. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 42. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 43. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 44. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 45. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 46. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 47. [mysqli\_query(191): call\_user\_func\_array(\_call\_function\_callback, array(0))] 48. [mysqli\_query(1

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

Online Eyewear Shop 1.0 SQL注入漏洞及POC

同源更多文章

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

Online Eyewear Shop 1.0 SQL注入漏洞及POC

同源更多文章

目标达成感谢每一位支持者 — 我们达成了 100% 目标！