...
Accessing the database using SQL Manager
Download sensitive files using file manager
Use a Chinese kitchen knife to execute commands
... Other unknown types, see the detection plugin webshell_reflect algorithm for details)
14. Remote command execution
...
Use
&
,|
,;
and other symbols cut, splice command$(xxx)
Inject commandsusingcommands using, backticks, etc.Syntax error during command injection attack
16. XSS:
...
Reflected
Overlay scene
Output GPC directly using PHP echo function
User input content with HTML tags and output directly to the page
17. XSS:
...
Stored
Overlay scene
Backstage Blind
...
Modify LDAP query logic by injection
19. DOS: Regex Group Attack
...
Overlay scene
Common Regex DoS attacks, eg
(a+)+
,(a|aa)+
...