An SQL injection vulnerability exists in a sub-station of fangxun.
An injection of the room Information Network
The problem lies in the sales parameter.
GET/esf_personalSellin.do? Index = 4 & sales = 3.0 * HTTP/1.1
Host: 0757.home77.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv: 40.0) Gecko/20100101 Firefox/40.0
Accept: text/html, application/xhtml + xml, application/xml; q = 0.9, */*; q = 0.8
Accept-Language: zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3
Accept-Encoding: gzip, deflate
Connection: keep-alive
The problem lies in the sales parameter.
GET/esf_personalSellin.do? Index = 4 & sales = 3.0 * HTTP/1.1
Host: 0757.home77.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv: 40.0) Gecko/20100101 Firefox/40.0
Accept: text/html, application/xhtml + xml, application/xml; q = 0.9, */*; q = 0.8
Accept-Language: zh-CN, zh; q = 0.8, en-US; q = 0.5, en; q = 0.3
Accept-Encoding: gzip, deflate
Connection: keep-alive
Solution:
Filter