### 简要描述:
湖南青果校园电子商务平台存在SQL注入漏洞,速度太快了,一会儿数据就全出来了
### 详细说明:
网站地址:
http://www.kingogo.cn/admin/index.php
问题页面:
http://www.kingogo.cn/selschool.php?cate_id=123
相关数据库信息:
[<img src="https://images.seebug.org/upload/201307/29141606f275b7f260385b7b43793aa368d6f695.png" alt="1.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201307/29141606f275b7f260385b7b43793aa368d6f695.png)
表:
[<img src="https://images.seebug.org/upload/201307/29141655a472fa5f4d494f4da8699145c40bad2d.png" alt="2.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201307/29141655a472fa5f4d494f4da8699145c40bad2d.png)
字段及数据:
[<img src="https://images.seebug.org/upload/201307/29141715965fe3aae6a28ffcecce4785895ed297.png" alt="3.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201307/29141715965fe3aae6a28ffcecce4785895ed297.png)
### 漏洞证明:
[<img src="https://images.seebug.org/upload/201307/291419088446a7c5f2528a245fc24b842767239c.png" alt="4.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201307/291419088446a7c5f2528a245fc24b842767239c.png)
京公网安备 11010502034610号
暂无评论