漏洞概述 漏洞名称: All in One Video Downloader 1.2 - (Authenticated) SQL Injection EDB-ID: 46077 作者: Deyaa Muhammad 类型: WEBAPPS 平台: PHP 日期: 2019-01-07 EDB Verified: 是 影响范围 软件链接: https://codecanyon.net/item/all-in-one-video-downloader-youtube-and-more/22599418 演示网站: https://aiovideodl.ml/ 演示管理面板: https://aiovideodl.ml/admin/ 演示管理员凭证: demo@aiovideodl.ml/123456 版本: 1.2 测试环境: WIN7 x68/cloudflare CVE: N/A 修复方案 POC代码: 利用代码: 标签 SQL Injection (SQLI) 其他信息 Google Dork: "developed by Niche Office" 作者邮箱: contact [at] deyaa.me 作者博客: http://deyaa.me 厂商主页: https://nicheoffice.web.tr/ 来源 Advisory/Source: Link 数据库 Exploits Google Hacking Papers Shellcodes 链接 Search Exploit-DB Submit Entry SearchExploit Manual Exploit Statistics 站点 OffSec Kali Linux VulnHub 解决方案 Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services 页脚 © OffSec Services Limited 2026. All rights reserved.