关键信息 漏洞描述 漏洞类型: SQL注入 (SQLi) 受影响系统: Life Insurance Management System v1.0 易受攻击文件: /insertNominee.php 参数: nominee_id 厂商信息 厂商: projectworlds 软件链接: Life Insurance Management System in PHP 版本 版本: V1.0 POC (概念验证) 命令: HTTP请求示例: 测试用例: - 错误基于注入: - 标题: MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET) - Payload: - 时间延迟注入: - 标题: MySQL >= 5.0.12 AND time-based blind (query SLEEP) - Payload: