影响版本:
通杀
程序介绍:
骑士CMS人才系统,PHP人才招聘程序 (www.74cms.com/)
漏洞文件:
ajax_output.php预览源代码打印关于1 $category_id=trim($_GET['category_id']);
2
3 if (($category_id+0)>0 && intval($category_id)==$category_id) //只用了if判断并没有执行
EXP:
http://127.0.0.1/74cms/ajax_outp ... y&category_id=4[sql]
漏洞修补:
$category_id=intval(trim($_GET['category_id']));
通杀
程序介绍:
骑士CMS人才系统,PHP人才招聘程序 (www.74cms.com/)
漏洞文件:
ajax_output.php预览源代码打印关于1 $category_id=trim($_GET['category_id']);
2
3 if (($category_id+0)>0 && intval($category_id)==$category_id) //只用了if判断并没有执行
EXP:
http://127.0.0.1/74cms/ajax_outp ... y&category_id=4[sql]
漏洞修补:
$category_id=intval(trim($_GET['category_id']));