### 简要描述:
之十
### 详细说明:
某通用型建站系统SQL注射之十。
源码:XYCMS律师事务所网站系统v1.3
地址:http://code.it168.com/d-25428.shtml
注入点:showcase.asp?id=
可谷歌搜索:事务 inurl:showcase.asp?id=
[<img src="https://images.seebug.org/upload/201503/261054227b15bbbb4d8426d8ac96d02deb0964db.png" alt="QQ图片20150326104545.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/261054227b15bbbb4d8426d8ac96d02deb0964db.png)
实例:
http://www.lnsmlv.com/showcase.asp?id=68
http://www.keyels.com/showcase.asp?id=59
http://www.hu-ls.com/showcase.asp?id=166
http://www.yn148.net/showcase.asp?id=18
http://www.lawyeryzm.com/showcase.asp?id=132
### 漏洞证明:
实例证明:
http://www.lnsmlv.com/showcase.asp?id=68
http://www.keyels.com/showcase.asp?id=59
http://www.hu-ls.com/showcase.asp?id=166
http://www.yn148.net/showcase.asp?id=18
http://www.lawyeryzm.com/showcase.asp?id=132
[<img src="https://images.seebug.org/upload/201503/261055071f945bfdd4d867349da4b0475e1cd7b0.png" alt="QQ图片20150326105116.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/261055071f945bfdd4d867349da4b0475e1cd7b0.png)
京公网安备 11010502034610号
暂无评论