Injection vulnerabilities are a classic vulnerability type, since the last time with friends deep chat about the injection, I injected the awareness but also enhance a height, in my opinion can not be injected into the place, TMD turned out to be injected, the injection attacks the earliest of the 1 9 9 8 years of, seemingly, remember. 1 0 years, and still exists, although the ratio previously appeared a small amount, but had to use one of the attack techniques...
Okay, I digress~~ In fact, the injection is not only appear in the dynamic page, do the pseudo-static after it can not be injected? NO~ Not ripped, just say theme to it, shopex online shop system injection vulnerabilities. The injection point is as follows:
http://www.x.com/comment-8967'//and//ExtractValue(0×6 4,concat(0×0 1,(select//@@version)))//order//by//'1-ask-commentlist.html
A is a site not to open the pseudo-static of injection, a is website on pseudo-static post-injection, and whether to shield error echo 2X2=4 Case. How the injection is not to say, 1 0 years of stuff...not will...