PHPok v4.1 /framework/www/project/control.php SQL注入漏洞
/framework/www/projectcontrol.php $ext = $this-get"ext"; if$ext && isarray$ext $c = ''; foreach$ext AS $key=$value if$key && $value $c = "ext.".$key." LIKE '%".$value."%'"; $pageurl .= "ext".$key."=".rawurlencode$value."&"; if$c $dt'sqlext' = implode" AND ",$c; $this-assign'ext',$ext;...
