马克斯CMS(Maxcms) admin_inc.asp SQL注入漏洞

在文件admin/ admininc.asp中： Sub checkPower //第103行 dim loginValidate,rsObj : loginValidate = "maxcms2.0" err.clear on error resume next set rsObj=conn.db"select mrandom,mlevel from premanager where musername='"&rCookie"musername"&"'","execute" rCookie函数在文件inc/ CommonFun.asp中 Function rCookiecookieNa...