### Brief description:

Tested 2.7.3-2.7.4; both have this vulnerability, so it probably affects all versions :)

### Detailed description:

Pick any product to purchase and enter 999999999999 as the quantity.

[![1.jpg](https://images.seebug.org/upload/201511/1015571527c44ffdf76c17ebfb91c04aba2bdb49.jpg)](https://images.seebug.org/upload/201511/1015571527c44ffdf76c17ebfb91c04aba2bdb49.jpg)

You are then asked to fill in an out-of-stock registration; enter arbitrary data.

[![2.jpg](https://images.seebug.org/upload/201511/10155759a8c914a97ed9ad12ac8dc747559e41cf.jpg)](https://images.seebug.org/upload/201511/10155759a8c914a97ed9ad12ac8dc747559e41cf.jpg)

Then capture the request with Burp, modify the data in the email field, and submit it.

[![3.jpg](https://images.seebug.org/upload/201511/101559220e2071ff5e8f63f96fad1cd27f78e285.jpg)](https://images.seebug.org/upload/201511/101559220e2071ff5e8f63f96fad1cd27f78e285.jpg)

Then sit back and wait for the administrator to review the out-of-stock registration...

### Proof of vulnerability:

[![4.jpg](https://images.seebug.org/upload/201511/1016000095222b8005a3e2bb574488fd5ba9b9b2.jpg)](https://images.seebug.org/upload/201511/1016000095222b8005a3e2bb574488fd5ba9b9b2.jpg)

[![5.jpg](https://images.seebug.org/upload/201511/10160010f74d8379618fd0358731791a7fa0fc70.jpg)](https://images.seebug.org/upload/201511/10160010f74d8379618fd0358731791a7fa0fc70.jpg)

Filtering
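The filtering the report ends on, sketched as an added example (not code from the affected product or from the report's author): server-side validation of the out-of-stock registration fields plus output encoding on the admin review page. It assumes the submitted email is stored and later displayed to the administrator; the function names, field names and limits are hypothetical.

```python
import html
import re

# Hypothetical limits and field names; the product's real schema is not on the page.
MAX_QUANTITY = 10_000
MAX_EMAIL_LEN = 254
# Allow-list pattern: only characters that cannot open an HTML tag or
# attribute are accepted in the local part and the domain.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
QTY_RE = re.compile(r"[0-9]{1,5}")


def validate_booking(form):
    """Validate an out-of-stock registration on the server.

    Returns (cleaned, errors). The checks run on the values the server
    actually received, so editing the request in a proxy does not bypass them.
    """
    cleaned, errors = {}, {}

    email = str(form.get("email", "")).strip()
    if len(email) > MAX_EMAIL_LEN or not EMAIL_RE.fullmatch(email):
        errors["email"] = "invalid email address"
    else:
        cleaned["email"] = email

    raw_qty = str(form.get("quantity", "")).strip()
    if QTY_RE.fullmatch(raw_qty) and 1 <= int(raw_qty) <= MAX_QUANTITY:
        cleaned["quantity"] = int(raw_qty)
    else:
        errors["quantity"] = "quantity out of range"

    return cleaned, errors


def render_admin_row(record):
    """Render one registration for the admin review list.

    Every field is HTML-escaped at output time, so records stored before
    the validation existed are also displayed as inert text.
    """
    return "<tr><td>{}</td><td>{}</td></tr>".format(
        html.escape(str(record["email"]), quote=True),
        html.escape(str(record["quantity"]), quote=True),
    )
```

Validation rejects a tampered submission before it is stored, and escaping at render time covers anything already in the database.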