S

SQL 注入

error/data/prvd/src/sink/sqli/001-mysqli_query.php in mysqli_queryphp
DEDECMS-1
1
1
?

172.17.0.1

ID: 7cmrl5osvgfpv21l4dvc549qin

Unknown Browser

php

版本: 7.2.9

消息

SQL 注入
正文
{
  "pubdate": "2018-11-08 22:50:27",
  "sptype": "hand",
  "money": "0",
  "dopost": "save",
  "spsize": "5",
  "keywords": "test",
  "sortup": "0",
  "weight": "99",
  "title": "test",
  "ishtml": "1",
  "needwatermark": "1",
  "click": "100",
  "autolitpic": "1",
  "arcrank": "0",
  "body": "test",
  "tags": "test",
  "imageField_x": "28",
  "imageField_y": "6",
  "typeid": "18",
  "remote": "1",
  "channelid": "1",
  "dede_addonfields": "'\"><xtanzi>./../xtanzi",
  "autokey": "1",
  "notpost": "0"
}
Cookies
DedeLoginTime
1541688180
DedeLoginTime__ckMd5
e0aae65f320d5585
DedeUserID
1
DedeUserID__ckMd5
5ebcf2784562fcbb
ENV_GOBACK_URL
/dede/content_list.php
PHPSESSID
********
_csrf_name_36da6296
1922605a943b494197d1e2b8fb3185d0
_csrf_name_36da6296__ckMd5
a98b70f940a7e746
_csrf_name_5964670e
f134da46f0caa624080e75cf39f400bb
_csrf_name_5964670e__ckMd5
ce47e55d4480e8ab
menuitems
1_1,2_1,3_1
标头
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Accept-Language
zh-CN,zh;q=0.9,en;q=0.8
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
2357
Content-Type
multipart/form-data; boundary=1a86f546190b43a784314ea7a77026c3
Host
localhost:8080
Origin
http://localhost:8080
Prvd-Fuzzer
halo_from_fate0
Referer
http://localhost:8080/dede/article_add.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36

User

?
ID
7cmrl5osvgfpv21l4dvc549qin
IP Address
172.17.0.1
bigfile_info
[]
dede_admin_channel
0
dede_admin_id
1
dede_admin_name
admin
dede_admin_purview
admin_AllowAll 
dede_admin_style
newdedecms
dede_admin_type
10
file_info
[]
securimage_code_value
aq2t

Runtime

Name
php
Version
7.2.9

SDK

姓名
sentry-php
版本
1.9.2