蓝科cms(lankecms)V1.9 eShowNews.asp SQL注入漏洞

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

简介已经说明了注入位置了。然后谷歌一下。搜索了有关案例: ![](https://images.seebug.org/contribute/cbc25769-2e09-4b19-afc1-a0202beffaa5-1.png) http://www.ampixel.com/eshownews.asp?id=61 http://ampixel.com/eshownews.asp?id=62 http://www.up-real.com/eshownews.asp?id=106 http://www.trendtronic.com.cn/eshownews.asp?id=65 http://www.jeffhouse.net/eshownews.asp?id=103 http://www.sdrunzhou.com/showcases.asp?id=60 http://www.planning.org.cn/news/shownews.asp?id=471 http://www.ttlg.com/shownews.asp?id=895 http://www.asmcs.com/shownews.asp?id=492 http://www.3dxchina.com/shownews.asp?id=100 http://www.up-real.com/showshop.asp?id=72 http://www.jdart.cn/showshop.asp?id=169 http://www.ospchina.com/showshop.asp?id=63 然后用sqlmap验证下检测到的是布尔类型的一个注入 ![](https://images.seebug.org/contribute/832930d9-529a-431f-a265-654280d294e9-2.png)

0%
暂无可用Exp或PoC
当前有0条受影响产品信息