{"provider_name":"Hatena Blog","provider_url":"https://hatena.blog","title":"Deliberately Vulnerable App BadTodo - 3.7 SQL Injection Against the id Parameter","width":"100%","categories":["BadTodo","SQL Injection"],"author_name":"demandosigno","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fwww.demandosigno.study%2Fentry%2F2023%2F09%2F11%2F201202\" title=\"Deliberately Vulnerable App BadTodo - 3.7 SQL Injection Against the id Parameter - demandosigno\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","url":"https://www.demandosigno.study/entry/2023/09/11/201202","blog_url":"https://www.demandosigno.study/","height":"190","type":"rich","published":"2023-09-11 20:12:02","author_url":"https://blog.hatena.ne.jp/demandosigno/","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/d/demandosigno/20230811/20230811072656.jpg","version":"1.0","blog_title":"demandosigno","description":"Previous: Deliberately Vulnerable App BadTodo - 3.6 SQL Injection Obtaining the MariaDB Password - demandosigno So far, I have mainly tried SQL injection against the key parameter of the Todo list overview screen. /todolist.php?rnd=64fe3eba0ee01&key=%27+UNION+SELECT+NULL%2C+NULL%2C+id%2C+userid%2C+pwd%2C+email%2C+icon%2C+super%2C+NULL%2C+NULL+FROM+todo.users+%23 One more: when \"User ID\" is clicked, the reque\u2026"}