xpshop comorder.aspx SQL注入

No description provided by source...

xpshop网店系统sql注入两处（一处盲注）

简要描述： 详细说明： 漏洞位置：...order protected void PageLoadobject sender, EventArgs e if base.CurrentUser != null && base.CurrentUser.Name != "anonymous" this.member = base.CurrentUser; this.shipfree = new ShippingFreeDB.GetShippingFreeDetails1; if !base.IsPostBack if base.Request.QueryString"type" != null...