SQL Injection: BUG: http://www.2cto.com /diy-cms/mod.php?mod=blog&modfile=tags&tag=features&start=[sqli] http://www.2cto.com /diy-cms/mod.php?mod=blog&start=[sqli] http://www.2cto.com /diy-cms/mod.php?mod=blog&modfile=archive&month=[sqli] http://www.2cto.com /diy-cms/mod.php?mod=blog&modfile=archive&month=8&year=[sqli] http://www.2cto.com /diy-cms/mod.php?mod=blog&modfile=list&catid=4&start=[sqli] http://www.2cto.com /diy-cms/mod.php?mod=blog&modfile=archive&month=8&year=2&start=[sqli] http://www.2cto.com /diy-cms/mod.php?mod=blog&modfile=viewpost&blogid=26&start=[sqli] Why?: The variables $start, $year, $month are not filtered In file: /modules/blog/tags.php , list.php , index.php , main_index.php , viewpost.php $start =(!isset($_GET['start'])) ? '0' : $_GET['start']; In file: /modules/blog/archive.php $start =(!isset($_GET['start'])) ? '0' : $_GET['start']; $month =(!isset($_GET['month'])) ? error_msg($lang['ARCHIVE_NO_MONTH_SPECIFIED']) : $_GET['month']; $year =(!isset($_GET['year'])) ? error_msg($lang['ARCHIVE_NO_YEAR_SPECIFIED']) : $_GET['year']; In file: /modules/blog/control/approve_comments.php , approve_posts.php , viewcat.php $start =(!isset($_GET['start'])) ? '0' : $_GET['start'];
查看更多关于DIY-CMS blog mod SQL注射缺陷及修复 - 网站安全 - 自学的详细内容...