goback add

Wordpress插件RLSWordPressSearch SQL注射

2343 点击·0 回帖
灯火互联
灯火互联
楼主

标题 : Wordpress RLSWordPressSearch plugin SQL Injection  
 
作者 : Ashiyane Digital Security Team  
 
网址 : ww.ashiyane.org  
 
风险类型 : MEdium - SQL Injection  
 
关键词: inurl:wp-content/plugins/RLSWordPressSearch/register.php?a=  
 
缺陷位置
www.atcpu.com /wp-content/plugins/RLSWordPressSearch/register.php?a=[num];agentid=[SQL]  
 
修复:
过滤agentid参数

喜欢0 评分0
回复

切换至电脑版

Powered by phpwind.me ©2003-2014