PHPmywind cms存在sql注入漏洞

### 简要描述： PHPmywind cms存在前台直接sql注入 ### 详细说明： PHPmywind cms存在前台直接sql注入 ### 漏洞证明： ``` /product.php?cid= ``` ``` www.bangtai119.com/product.php?cid=6&page=1 ``` [<img src="https://images.seebug.org/upload/201312/19162244861b0973ed8df4a8f95a12a8c7e2e582.png" alt="1.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201312/19162244861b0973ed8df4a8f95a12a8c7e2e582.png) ``` http://ybaje.com/product.php?cid=6 ``` [<img src="https://images.seebug.org/upload/201312/19162038d00884e797508243c701a5afe653f70f.png" alt="2.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201312/19162038d00884e797508243c701a5afe653f70f.png)