Banana Dance CMS and Wiki SQL注射缺陷及修复

Banana Dance CMS and Wiki SQL注射缺陷及修复 - 网站安全

来源：自学PHP网时间：2015-04-17 14:47 作者：阅读:次

[导读] +-----------------------+| Banana Dance CMS+Wiki |+-----------------------+缺陷Web-App : Banana Dance CMS+Wiki缺陷类型 : SQLi作者 : Aodrulez. www.2cto.com Email : f3arm3d3ar@gmail.......

+-----------------------+
| Banana Dance CMS+Wiki |
+-----------------------+

缺陷Web-App : Banana Dance CMS+Wiki
缺陷类型     : SQLi
作者          : Aodrulez. www.2cto.com Email : f3arm3d3ar@gmail.com
测试平台         : Ubuntu 10.04
下载地址: http://www.doyoubananadance.com/functions/dl.php?file=4e84e50f89bf7

+---------+
|技术日志 |
+---------+

1] SQLi
示例: http://www.2cto.com /user.php?id=1'[sqli]

Error:
------
错误分析:
SELECT `key`,`value` FROM `bd_user_data` WHERE `user_id`='1''
Error: You have an error in your SQL syntax; check the manual
that corresponds to your MySQL server version for the right
syntax to use near ''1''' at line 1

+----------+
| MalCon |
+----------+
(International Malware Conference)

The CFP for MalCon-2011 is ON!
If you think you are good enough, try cracking our
'Capture the Mal Challenge-2011' online.
Open to everyone!

For more details, visit malcon.org

引用

"Microsoft is not the answer. Microsoft is the question. NO is the answer."   - Erik Naggum

Vivvo CMS本地文件包含及修复 - 网站安全 - 自学p

佳缘SQL injectionl及修复方案 - 网站安全 - 自学ph

子栏目

Banana Dance CMS and Wiki SQL注射缺陷及修复 - 网站安全

最新评论

添加评论

更多文章推荐

添加评论