关键信息 漏洞描述 漏洞类型: SQL注入漏洞 (SQLi) 受影响系统: Life Insurance Management System v1.0 受影响文件: /insertNominee.php 参数: client_id 供应商信息 供应商: projectworlds 软件链接: Life Insurance Management System in PHP 版本 版本: V1.0 POC (概念验证) 命令: HTTP请求示例: 参数详情 参数: client_id (POST) 类型: error-based 标题: MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET) Payload: 类型: time-based blind 标题: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: