SQL注入: http://shdesign.soufun.com/mj10/jd/snews.asp?id=139 http://dg.soufun.com/market/kanwu/display2.asp?id=163 http://sh-greentown.soufun.com/viewnews.asp?id=260 http://shdesign.soufun.com/cs/2011pxsyc/home2-1-dt.asp?id=28 路径泄漏: http://www.soufun.com/Album/other/sfgundong_hz_china.aspx?url=p 漏洞 证明: http://shdesign.soufun.com/mj10/jd/snews. asp ?id=139 http://dg.soufun.com/market/kanwu/display2.asp?id=163 http://sh-greentown.soufun.com/viewnews.asp?id=260 http://shdesign.soufun.com/cs/2011pxsyc/home2-1-dt.asp?id=28 绝对路径:e:\soufun\photo.soufun.com\Album\other\sfgundong_hz_china.aspx 修复方案: 过滤参数 作者 zhk
查看更多关于搜房网一些旧程序含多处SQL注入+1路径泄漏 - 网站的详细内容...