### 简要描述:
rt
### 详细说明:
某通用型系统SQL注入#九。
源码:XYCMS幼儿园建站系统 v2.1
下载地址:http://down.chinaz.com/soft/33301.htm
注入点:class_detail.asp?id=
可谷歌:幼儿园 inurl:class_detail.asp?id=
[<img src="https://images.seebug.org/upload/201504/28143206445905a8311584ca7373580b76bcca09.png" alt="QQ图片20150428143126.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/28143206445905a8311584ca7373580b76bcca09.png)
案例:http://www.gcdbyey.cn/class_detail.asp?id=164
http://www.pd-goodbaby.com/class_detail.asp?id=124
http://www.fzejx.com/class_detail.asp?id=153
http://myszfy.scsyyey.net/class_detail.asp?id=127
http://www.lrbly.com/class_detail.asp?id=121
### 漏洞证明:
注入证明:
http://www.gcdbyey.cn/class_detail.asp?id=164
http://www.pd-goodbaby.com/class_detail.asp?id=124
http://www.fzejx.com/class_detail.asp?id=153
http://myszfy.scsyyey.net/class_detail.asp?id=127
http://www.lrbly.com/class_detail.asp?id=121
[<img src="https://images.seebug.org/upload/201504/28143802ac98751734f80d9005388d97d3e518d5.jpg" alt="QQ图片20150428143731.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/28143802ac98751734f80d9005388d97d3e518d5.jpg)
京公网安备 11010502034610号
暂无评论