one ecshop injection

Posted by punzalan at 2020-04-15

The problem is the same. Here $_post ['id '] directly brings in query ($SQL)

The prompt cannot find the XXX field. Let's write something that doesn't exist. First of all, test the number type. Then test the character type and give the ID value casually, which will bring in the SQL statements, such as:

The complete SQL statement becomes