### 简要描述:
逐浪cms post注入
### 详细说明:
Url:http://demo.zoomla.cn/Plugins/Register.aspx
注册页面
参数TxtCode过滤不严~
[<img src="https://images.seebug.org/upload/201402/131948486b1c623ad7c46a4c79c72e2776cdba31.png" alt="2014-02-13_194841.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201402/131948486b1c623ad7c46a4c79c72e2776cdba31.png)
抓包:
[<img src="https://images.seebug.org/upload/201402/1319494301bf58039315d813f1a2df5ac6386103.png" alt="2014-02-13_194934.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201402/1319494301bf58039315d813f1a2df5ac6386103.png)
```
__VIEWSTATE=%2FwEPDwUKMTIyNDY2NzAxNGRk0w6kzdp8SCGVd8OTDosLe3fFnE9ZAKecfpfoPfbVfKI%3D&TxtCode=1111&TxtPassword=111&TxtPassword1=111'&Button1=
```
### 漏洞证明:
漏洞证明:
[<img src="https://images.seebug.org/upload/201402/13194959fda5e47e585f8fa8212587914b834db7.png" alt="2014-02-13_193815.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201402/13194959fda5e47e585f8fa8212587914b834db7.png)
[<img src="https://images.seebug.org/upload/201402/1319500942ca13d63a5e50bc95e53e14e26e9534.png" alt="2014-02-13_193843.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201402/1319500942ca13d63a5e50bc95e53e14e26e9534.png)
[<img src="https://images.seebug.org/upload/201402/13195022287f5c44eabc2ee67080998bd634390d.png" alt="2014-02-13_194224.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201402/13195022287f5c44eabc2ee67080998bd634390d.png)
在玩游戏,SQLmap.跑得慢不继续了。
暂无评论