PHPMyWind最新版SQL注入漏洞

简要描述： PHPMyWind 最新版V5.1 Beta 存在sql注入 详细说明： 文件:orderenter.php //初始化参数 $action = isset$action ? $action : ''; $shoppingcart = unserializeAuthCode$COOKIE'shoppingcart'; $orderinfo = unserializeAuthCode$COOKIE'orderinfo'; $totalprice = ''; $totalweight = ''; //商品运费 $r = $dosql-GetOne"SELECT postprice...