phpsso.php SQL Injection Vul

catalogue

1. 漏洞描述
2. 漏洞触发条件
3. 漏洞影响范围
4. 漏洞代码分析
5. 防御方法
6. 攻防思考

1. 漏洞描述

Relevant Link:
2. 漏洞触发条件
3. 漏洞影响范围
4. 漏洞代码分析
5. 防御方法

/api/phpsso.php

/**
* 同步登陆
*/
if ($action == 'synlogin') 
{

    if(!isset($arr['uid'])) exit('0');
            
    /*$phpssouid = $arr['uid'];*/
    $phpssouid = intval($arr['uid']);
    /**/

6. 攻防思考

posted @ 2016-02-23 16:29 郑瀚Andrew 阅读(443) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

Han Zheng, Practitioners and Theoretical Researcher, Now working in Alibaba Cloud Corp, China

Welcome to contact me. Wechat：LittleHann，My email, 306211321@qq.com，Job mail：zhenghan.zh@alibaba-inc.com，Job Description：aHR0cHM6Ly9qb2IuYWxpYmFiYS5jb20vemhhb3Bpbi9wb3NpdGlvbl9kZXRhaWwuaHRtP3RyYWNlPXFyY29kZV9zaGFyZSZwb3NpdGlvbkNvZGU9R1A2MDAxMjk=

phpcms /api/phpsso.php SQL Injection Vul

公告