FineCMS多个SQL注射漏洞

### 简要描述： FineCMS多个SQL注射 ### 详细说明： 注射文件存在于：/fang/目录下index.php文件 射点一：http://www.dayrui.net/fang/index.php 以官方演示站演示证明： http://www.dayrui.net/fang/index.php?c=search&area=2395&catid=1&order=updatetime' http://www.dayrui.net/fang/index.php?c=search&area=2395&zujin=0%2C500&catid=1' http://www.dayrui.net/fang/index.php?c=search&area=2395&catid=1' http://www.dayrui.net/fang/index.php?c=search&catid=1' [<img src="https://images.seebug.org/upload/201401/20203544ddc4f1f9248d990449a6bec8d2240ad2.png" alt="1.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201401/20203544ddc4f1f9248d990449a6bec8d2240ad2.png) 射点二：http://www.dayrui.net/video/index.php 以官方演示站演示证明： http://www.dayrui.net/video/index.php?c=search&catid=1&order=updatetime' http://www.dayrui.net/video/index.php?c=search&area=%E5%A4%A7%E9%99%86&catid=1' http://www.dayrui.net/video/index.php?c=search&catid=7' [<img src="https://images.seebug.org/upload/201401/202040282b03cc7c219c15ec82f24e42619554bb.png" alt="1.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201401/202040282b03cc7c219c15ec82f24e42619554bb.png) 射点三：http://www.dayrui.net/space/index.php 以官网演示站演示： http://www.dayrui.net/space/index.php?order=displayorder' http://www.dayrui.net/space/index.php?keyword=finecms&order=displayorder' [<img src="https://images.seebug.org/upload/201401/20203937ae7e85e8de51426d80577453972d728b.png" alt="1.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201401/20203937ae7e85e8de51426d80577453972d728b.png) ### 漏洞证明：