W78CMS enterprise website management system v2. 6. 1 injection-vulnerability warning-the black bar safety net

Author: Lan3a Keywords: inurl:ShowDownload. asp? id= In the admin directory, addjs. the asp file. Not to do any treatment directly query the database. !-- include file="../conn. asp" - % set js = server. CreateObject"ADODB. RecordSet" sql="select from ad where id="& request. QueryString"id" set j...