CuuMall免费开源商城系统 sql多处注入

简要描述： CuuMall免费开源商城系统 sql多处注入 详细说明： 直接看代码： SearchAction.class.php71-109: public function Exsearch $pinpai = $POST'pinpai'; $pr1 = $POST'pr1'; $pr2 = $POST'pr2'; $keyword = $POST'keyword'; if $pinpai == 0 $pinpai = ""; if $pinpai != "" $sql1 = "pinpai=".$pinpai." and "; else $sql1 = ""; if $pr1 !=...