IT技术互动交流平台

PRE PRINTING STUDIO Sql注入漏洞及修复方法

发布日期:2012-03-20 23:08:29

标题:   PRE PRINTING STUDIO Sql Injection
作者: r45c4l www.it165.net/safe infosecpirate@gmail.com
程序下载地址: http://www.preprojects.com/preprojects/printing.asp
产品介绍:
A complete printing press website script contains all features required for online printing business. Developed in PHP, MYSQL and Flash AS3, with all browsers compatibility and easy to navigate. Package contains builtin designers to customize designs online, shopping cart and complete users and orders modules.Product is user friedly and can fully operate via secure admin panel.Script is fully customizable and ready to upload to start your printing press now.
产品价格 : 999$
测试方法                                    ---ICW---
 [ EXPL0!T ]
 SQL Injection
 p0c - http://www.it165.net/safe /preprojects/prestudio/page.php?id=[SQli]

 Some intresting tables and columns:
 Table : admin      Columns : password, username, id
 Table : users      columns : email, id
==============================================
修复:过滤

Tag标签: PRE   PRINTING   STUDIO   注入漏洞  
  • 专题推荐

About IT165 - 广告服务 - 隐私声明 - 版权申明 - 免责条款 - 网站地图 - 网友投稿 - 联系方式
本站内容来自于互联网,仅供用于网络技术学习,学习中请遵循相关法律法规