DVBBS Forum PHP 2.0++ dispuser.php SQL injection vulnerability

Affected versions:

DVBBS Forum PHP 2.0++

Vulnerability description:

DVBBS is a web forum system built on PHP with a MySQL database back end.

In the file dispuser.php:

if( is_numeric($id) ){                      // dispuser.php line 6
    $showUserID = intval($id);              // the only place $showUserID is assigned
} else{
    if( $UserName == '' ){
        $ErrCodes = $lang['UrlArgError'];
    }
}

if( empty($showUserID) ){                   // dispuser.php line 35
    $updStmt .= " WHERE UserName='{$UserName}' ";
    $stmt    .= " WHERE UserName='{$UserName}' ";
    $onstat   = " WHERE UserName='{$UserName}' ";
} else{
    $updStmt .= " WHERE UserID={$showUserID} "; // $showUserID is interpolated unquoted
    // (excerpt continues)
When neither $UserName nor $id is present, the code never assigns $showUserID, yet the value is still interpolated unquoted into the WHERE clause at line 35; this is what produces the SQL injection vulnerability.
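A hardened version of the lookup above, written here as an added example rather than DVBBS's own code: both variables are initialised before use, the id is validated strictly, and the value is bound in a prepared statement instead of being interpolated. The table name `users`, the column names and the PDO connection are assumptions; an in-memory SQLite database stands in for MySQL so the snippet runs offline.

```php
<?php
// Added example, not DVBBS code. Resolves the same id / name lookup as dispuser.php
// but never leaves $showUserID unassigned and never builds SQL by interpolation.

function resolveUserLookup(array $params): array
{
    // Initialise both values locally: nothing in the request can pre-set them.
    $showUserID = 0;
    $userName   = '';

    // Stricter than is_numeric(): only a plain positive integer is accepted.
    $id = filter_var($params['id'] ?? '', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id !== false) {
        $showUserID = $id;
    } elseif (isset($params['name']) && $params['name'] !== '') {
        $userName = (string)$params['name'];
    } else {
        throw new InvalidArgumentException('UrlArgError');   // mirrors $lang['UrlArgError']
    }

    // Return a WHERE fragment with a placeholder plus the value to bind.
    if ($showUserID > 0) {
        return ['WHERE UserID = ?', [$showUserID]];
    }
    return ['WHERE UserName = ?', [$userName]];
}

function fetchUser(PDO $pdo, array $params): ?array
{
    [$where, $binds] = resolveUserLookup($params);
    // Table and column names are assumed; the user value only ever travels as a bound parameter.
    $stmt = $pdo->prepare("SELECT UserID, UserName FROM users {$where}");
    $stmt->execute($binds);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed demo: SQLite in memory stands in for the forum's MySQL database.
$pdo = new PDO('sqlite::memory:');
$pdo->exec('CREATE TABLE users (UserID INTEGER, UserName TEXT)');
$pdo->exec("INSERT INTO users VALUES (1, 'alice'), (2, 'bob')");

// A request carrying a name plus a stray showUserID parameter, as in the advisory's URL shape.
// The extra parameter is ignored because the resolver never reads it.
var_dump(fetchUser($pdo, ['name' => 'alice', 'showUserID' => '999']));   // row for alice
var_dump(fetchUser($pdo, ['id' => '2']));                                 // row for bob
var_dump(fetchUser($pdo, ['id' => '2 OR 1=1']));                          // treated as no id: UrlArgError
```

The last call throws because `filter_var` rejects anything that is not a bare integer, which is the branch the original code left undefined.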
<* References
s1@sebug.net
 http://sebug.net/vulndb/20111/
 *>
Test method:

@Sebug.net   dis
The programs (methods) provided by this site may be offensive in nature; they are for security research and teaching only, and the risk is your own!

1. http://ssvdb.com/dispuser.php?name=lovemmm&showUserID=1%20and%201=2