### 简要描述:
方维某系统XSS盲打后台(Demo演示)
### 详细说明:
方维旅游系统
官方 http://t1.fanwe.net
直接盲打后台了~
### 漏洞证明:
[<img src="https://images.seebug.org/upload/201503/141141357906f6fb71015d4ad22e9f3047618f06.jpg" alt="QQ截图20150314114017.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/141141357906f6fb71015d4ad22e9f3047618f06.jpg)
试试弹窗
OK盲打吧
[<img src="https://images.seebug.org/upload/201503/1411414287c7765f1b3f8dbf3b82320f26a83060.jpg" alt="QQ截图20150314114035.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/1411414287c7765f1b3f8dbf3b82320f26a83060.jpg)
[<img src="https://images.seebug.org/upload/201503/14114157e11d52486c6fac5810a45ba68a79c97e.jpg" alt="QQ截图20150314114049.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/14114157e11d52486c6fac5810a45ba68a79c97e.jpg)
成功获取cookie
京公网安备 11010502034610号
暂无评论