VULHUB ™

漏洞产生于文件/webmedia/oemui/user/guest.asp，访问这个页面需要注册 相关代码： szAgent = Request.ServerVariables("HTTP_USER_AGENT") aTmpInfo = Split(szAgent, " (", -1, 1) aAgentInfo = Split(aTmpInfo(1), "; ", -1, 1) szBrowser = aAgentInfo(1) if Right(aAgentInfo(2), 1) = ")" or Right(aAgentInfo(2), 1) = ";" then szOS = Left(aAgentInfo(2), Len(aAgentInfo(2)) - 1) else szOS = aAgentInfo(2) end if szClientIP = Request.ServerVariables("REMOTE_ADDR") szSQL = "INSERT INTO GuestBook(CusTomer_ID,cont,ipaddr,ostype,browser,crdt) VALUES(" & iUserID & ",'" & szMemo & "','" & szClientIP & "','" & szOS & "','" & szBrowser & "','" & now &"')" con.Execute szSQL WebVOD 暂无

漏洞产生于文件/webmedia/oemui/user/guest.asp，访问这个页面需要注册 相关代码： szAgent = Request.ServerVariables("HTTP_USER_AGENT") aTmpInfo = Split(szAgent, " (", -1, 1) aAgentInfo = Split(aTmpInfo(1), "; ", -1, 1) szBrowser = aAgentInfo(1) if Right(aAgentInfo(2), 1) = ")" or Right(aAgentInfo(2), 1) = ";" then szOS = Left(aAgentInfo(2), Len(aAgentInfo(2)) - 1) else szOS = aAgentInfo(2) end if szClientIP = Request.ServerVariables("REMOTE_ADDR") szSQL = "INSERT INTO GuestBook(CusTomer_ID,cont,ipaddr,ostype,browser,crdt) VALUES(" & iUserID & ",'" & szMemo & "','" & szClientIP & "','" & szOS & "','" & szBrowser & "','" & now &"')" con.Execute szSQL WebVOD 暂无