VULHUB ™

在文件include\db_mysql_error.inc.php里代码: if($message) { $errmsg = "<b>Discuz! info</b>: $message\n\n"; } if(isset($GLOBALS['_DSESSION']['discuz_user'])) { $errmsg .= "<b>User</b>: ".htmlspecialchars($GLOBALS['_DSESSION']['discuz_user'])."\n"; } $errmsg .= "<b>Time</b>: ".gmdate("Y-n-j g:ia", $timestamp + ($GLOBALS['timeoffset'] * 3600))."\n"; $errmsg .= "<b>Script</b>: ".$GLOBALS['PHP_SELF']."\n\n"; if($sql) { $errmsg .= "<b>SQL</b>: ".htmlspecialchars($sql)."\n"; } $errmsg .= "<b>Error</b>: $dberror\n"; $errmsg .= "<b>Errno.</b>: $dberrno"; $GLOBALS['PHP_SELF']确实过滤,导致在出现sql错误信息时利用$GLOBALS['PHP_SELF']进行xss攻击 2008-06 过滤$GLOBALS['PHP_SELF']

在文件include\db_mysql_error.inc.php里代码: if($message) { $errmsg = "<b>Discuz! info</b>: $message\n\n"; } if(isset($GLOBALS['_DSESSION']['discuz_user'])) { $errmsg .= "<b>User</b>: ".htmlspecialchars($GLOBALS['_DSESSION']['discuz_user'])."\n"; } $errmsg .= "<b>Time</b>: ".gmdate("Y-n-j g:ia", $timestamp + ($GLOBALS['timeoffset'] * 3600))."\n"; $errmsg .= "<b>Script</b>: ".$GLOBALS['PHP_SELF']."\n\n"; if($sql) { $errmsg .= "<b>SQL</b>: ".htmlspecialchars($sql)."\n"; } $errmsg .= "<b>Error</b>: $dberror\n"; $errmsg .= "<b>Errno.</b>: $dberrno"; $GLOBALS['PHP_SELF']确实过滤,导致在出现sql错误信息时利用$GLOBALS['PHP_SELF']进行xss攻击 2008-06 过滤$GLOBALS['PHP_SELF']