MetInfo5.3 search.php SQL注入漏洞

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

<p>在search.php文件中:</p><pre class="lang-php" data-lang="php"><code style="margin: 0px; font-family: 'Lucida Console', 'Courier New', Courier, mono, monospace; color: rgb(51, 51, 51); background-color: rgb(248, 248, 248);">$module=intval($module);<br style="margin: 0px; padding: 0px;"> if($class1)$module=0;<br style="margin: 0px; padding: 0px;"> if(intval($module)){<br style="margin: 0px; padding: 0px;"> $serch_sql.=" where lang='$lang' and (recycle='0' or recycle='-1') and displaytype='1' ";<br style="margin: 0px; padding: 0px;"> }else{<br style="margin: 0px; padding: 0px;"> $class1_info=$class_list[$class1];<br style="margin: 0px; padding: 0px;"> if(!$class1_info)okinfo('../',$pagelang[noid]);<br style="margin: 0px; padding: 0px;"> $class1sql=" class1='$class1' ";<br style="margin: 0px; padding: 0px;"> $class2sql=" class2='$class2' ";<br style="margin: 0px; padding: 0px;"> $class3sql=" class3='$class3' ";<br style="margin: 0px; padding: 0px;"> <br style="margin: 0px; padding:...

0%
暂无可用Exp或PoC
当前有0条受影响产品信息