某处过滤不当导致的sql注入,学分刷起来! 访问:
错误信息:
mySQL 查询错误: SELECT Zhy.DepartID, Zhy.Zhy_Code, Department.Depart_coll, Department.Depart_major FROM Zhy , Department WHERE Zhy.DepartID = Department.DepartID AND Department.Depart_coll ='广东外语外贸大学%''
时间: Sunday 30th 2014f March 2014 11:34:48 AM
刷一下表结构
[18 tables] +---------------------------------------+ | News | | user | | course | | course_recepter | | course_resourse | | coursevaild | | department | | error | | excellentcourse | | majorcode | | mcteachplan | | mcteachplanarrangement | | noteinfo | | receive | | selcourse | | studentinfo | | systemrecord | | zhy | +---------------------------------------+
首页就有登陆入口,整一条user记录,登陆一下
lihh pwd:lihh
如图:
修复: 加强过滤查看更多关于广州大学城高校互选课程管理系统sql注入致大量的详细内容...
声明:本文来自网络,不代表【好得很程序员自学网】立场,转载请注明出处:http://haodehen.cn/did15576