3 matches found
shopnc o2o版 index.php?act=payment&op=notify SQL注入漏洞
No description provided by source...
shopnc o2o版 3处 SQL注入漏洞
No description provided by source...
shopNC O2O系统任意文件删除漏洞
简要描述: 齐博齐博快确认,确认了我再送个0day shopNC的任意文件删除挺多的,我拿O2O系统来说明问题吧。 详细说明: /circle/control/cut.php 46行 / 图片裁剪 / public function piccutOp import'function.thumb'; if chksubmit $thumbwidth = $POST'x'; $x1 = $POST"x1"; $y1 = $POST"y1"; $x2 = $POST"x2"; $y2 = $POST"y2"; $w = $POST"w"; $h = $POST"h"; $scale =...