kppw 最新版前台无条件sql注入一枚

简要描述： rt 详细说明： /www/lib/inc/CommonClass.php public static function changehongbao$taskid,$moneys,$uid,$money,$title,$g $result=dbfactory::getone'select from '.TABLEPRE.'witkeyspace where uid='.$uid; if$g $newbalance=$result'balance'-$money+$moneys; dbfactory::query'update '.TABLEPRE.'witkeyspace s...