团购王SQL注入漏洞,会员信息泄露

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

### 简要描述: 参数过滤不严,导致sql注入 ### 详细说明: http://www.go.cn/index.php?m=festival&type=451'&cityid=29 [<img src="https://images.seebug.org/upload/201211/05224620952f67b05551194bb7dbf02d90f7092e.jpg" alt="4sql报错.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201211/05224620952f67b05551194bb7dbf02d90f7092e.jpg) ### 漏洞证明: [<img src="https://images.seebug.org/upload/201211/0522471111cf80c76ad60cdc19ab455359a069e4.jpg" alt="团购王.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201211/0522471111cf80c76ad60cdc19ab455359a069e4.jpg) [<img src="https://images.seebug.org/upload/201211/052247329832a0fca653423039ad23990be672be.jpg" alt="团购王2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201211/052247329832a0fca653423039ad23990be672be.jpg) [<img src="https://images.seebug.org/upload/201211/05224720ea527f14d16c8022bc44ec77ac97106f.jpg" alt="团购王1.jpg" width="600"...

0%
暂无可用Exp或PoC
当前有0条受影响产品信息