maxcms movie CMS injection vulnerability warning - myhack58

2015-06-12T00:00:00
ID MYHACK58:62201563520
Type myhack58
Reporter Anonymous
Modified 2015-06-12T00:00:00

Description

Vulnerable file: /inc/ajax.asp, lines 33-40

    Sub getscore(ac)
        dim id,ary,ret : id=getForm("id","get")
        ' Only an emptiness check is applied to id before it is used
        if isNul(id) then die "err"
        if ac="newsscore" then
            ' id is concatenated directly into the SQL string
            ary=conn.db("SELECT m_digg,m_tread,m_score FROM {pre}news WHERE m_id="&id,"array")
        else
            ary=conn.db("SELECT m_digg,m_tread,m_score FROM {pre}data WHERE m_id="&id,"array")
        end if

Now look at what the isNul function actually checks (inc/CommonFun.asp, lines 191-193):

    Function isNul(str)
        if isnull(str) or str="" then isNul=true else isNul=false
    End Function

This is only a simple check that the value is not empty; any non-empty value passes, so whatever is in id is concatenated into the query as-is.
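
One way to close the gap described above, shown as an added example (it is not maxcms code and not part of the original advisory): require id to be an integer before it reaches the SQL string. The names isDigitsOnly and getscoreHardened are hypothetical; getForm, die, conn.db and {pre} are used exactly as they appear in the excerpt, and their behaviour is assumed from it.

```vbscript
' Added example, not maxcms code. isDigitsOnly and getscoreHardened are
' hypothetical names; getForm, die, conn.db and {pre} are taken from the
' excerpt above and assumed to behave as they do there.

' True only for 1 to 9 ASCII digits, so the value always fits in a Long.
Function isDigitsOnly(str)
    Dim re
    isDigitsOnly = False
    If IsNull(str) Then Exit Function
    Set re = New RegExp
    re.Pattern = "^[0-9]{1,9}$"
    isDigitsOnly = re.Test(CStr(str))
End Function

Sub getscoreHardened(ac)
    Dim id, ary, tbl
    id = getForm("id", "get")
    ' isNul only rejects empty input; here anything that is not a plain
    ' integer (including the empty string) is rejected.
    If Not isDigitsOnly(id) Then die "err"
    ' Convert to a numeric type so only digits can be concatenated below.
    id = CLng(id)
    ' The table name is a fixed choice and never comes from the request.
    If ac = "newsscore" Then tbl = "{pre}news" Else tbl = "{pre}data"
    ary = conn.db("SELECT m_digg,m_tread,m_score FROM " & tbl & " WHERE m_id=" & id, "array")
    ' The rest of the Sub is not shown on the page and would continue here.
End Sub
```

The same type check applies to every other numeric parameter that is read with getForm and concatenated into a query.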