### 简要描述:
某通用型系统SQL注入
### 详细说明:
某通用型系统SQL注入。
CMS:XYCMS加盟店企业建站系统v1.6
注入:showpro.asp?id=
可谷歌到大量注入站点:
[<img src="https://images.seebug.org/upload/201503/201053206ff735bb59996a588ac5958c43cd35cc.png" alt="QQ图片20150320104350.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/201053206ff735bb59996a588ac5958c43cd35cc.png)
案例:
http://www.chinamota.com/showpro.asp?id=358
http://www.wanliyiliao.com/showpro.asp?id=1278
http://www.math-mark.com/showpro.asp?id=83
http://www.xuanlusi.com/ShowPro.asp?id=140
http://www.dongfangwangchao.com/showpro.asp?id=1417
### 漏洞证明:
案例+证明:
http://www.chinamota.com/showpro.asp?id=358
http://www.wanliyiliao.com/showpro.asp?id=1278
http://www.math-mark.com/showpro.asp?id=83
http://www.xuanlusi.com/ShowPro.asp?id=140
http://www.dongfangwangchao.com/showpro.asp?id=1417
[<img src="https://images.seebug.org/upload/201503/2010573765f0cef8783b379ea8f73b4732c1952c.png" alt="QQ图片20150320105709.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/2010573765f0cef8783b379ea8f73b4732c1952c.png)
京公网安备 11010502034610号
暂无评论