PHPYUN latest version: two SQL injections (bypassing defenses)

Published: 2025-04-13
Revised: 2025-04-13

### Brief description:

Two SQL injections in the latest version of PHPYUN (phpyun_v3.1.0604_gbk), unaffected by GPC (bypassing defenses).

### Detailed description:

Two SQL injections in the latest version of PHPYUN (phpyun_v3.1.0604_gbk).

First SQL injection: file /member/model/com.class.php

```
function job(){
    if($_GET['p_uid']){
        // p_uid is cast to an integer before use
        $data['p_uid']=(int)$_GET['p_uid'];
        $data['inputtime']=mktime();
        $data['c_uid']=$this->uid;
        // usertype is read from the cookie with no cast or filtering
        $data['usertype']=$_COOKIE['usertype'];
        // usertype is concatenated into the WHERE clause without quotes
        $haves=$this->obj->DB_select_once("blacklist","`p_uid`=".$data['c_uid']." and `c_uid`=".$data['c_uid']." and `usertype`=".$data['usertype']."");
        if(is_array($haves)){
            $this->obj->layer_msg("该用户已在您黑名单中!",8,0,$_SERVER['HTTP_REFERER']);
        }else{
            $nid=$this->obj->insert_into("blacklist",$data);
            $num=$this->obj->DB_select_num("userid_job","`uid`=".$data['p_uid']." and `com_id`=".$data['c_uid']."");
            $this->obj->DB_delete_all("userid_job","`uid`=".$data['p_uid']." and `com_id`=".$data['c_uid'].""," ");
            $this->obj->DB_update_all("member_statis","`sq_jobnum`=`sq_jobnum`-$num","`uid`='".$data['p_uid']."'");...
```
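The following is an added example, not code from PHPYUN or from the original report. It shows why quote escaping of the kind GPC applies does nothing for a value placed in an unquoted numeric position, and one way to validate the cookie value before it reaches the `blacklist` query. The helper names and the set of allowed `usertype` values are assumptions.

```php
<?php
// Added example, not PHPYUN code. Helper names and the allowed usertype
// values are assumptions made for illustration.

const ALLOWED_USERTYPES = [1, 2, 3]; // assumed set of valid account types

// Returns the validated integer, or null when the raw cookie value is not
// a plain integer from the allowed set (a missing cookie is also rejected).
function clean_usertype($raw): ?int
{
    $value = filter_var($raw, FILTER_VALIDATE_INT);
    if ($value === false || !in_array($value, ALLOWED_USERTYPES, true)) {
        return null;
    }
    return $value;
}

// Builds the WHERE clause in the same shape as the query on the page, but
// from integers only, so no cookie text reaches the SQL string.
function blacklist_where(int $cUid, int $usertype): string
{
    return sprintf('`p_uid`=%d and `c_uid`=%d and `usertype`=%d', $cUid, $cUid, $usertype);
}

// Constructed sample cookie values.
$samples = ['2', '2 and 1=1', '', '9'];

foreach ($samples as $raw) {
    // Quote escaping only changes quotes, backslashes and NUL bytes. A value
    // without those characters passes through unchanged, which is why it
    // gives no protection when the value is concatenated without quotes.
    $escaped = addslashes($raw);
    $unchanged = ($escaped === $raw) ? 'unchanged by escaping' : 'altered by escaping';

    $usertype = clean_usertype($raw);
    if ($usertype === null) {
        printf("%s (%s): rejected\n", var_export($raw, true), $unchanged);
        continue;
    }
    printf("%s (%s): %s\n", var_export($raw, true), $unchanged, blacklist_where(7, $usertype));
}
```

The same integer check applies before `$data` is passed to `insert_into`, since `usertype` is stored from the same cookie value.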

No Exp or PoC currently available
There are currently 0 affected product entries