BBSxp2008 8.0.4 Sqlע©

[BBSxp2008 8.0.4 Sqlע© ȫ]Ӱ汾BBSxp 2008 (Build: 8.0.4)
©ļ:MoveThread.asp
MoveThread.asp2-24
#----Ķ----#

if CookieUserName =empty then error(&quot;δ&lt;a href=&quot;&quot;javascript:BBSXP_Modal.Open (&#039;Login.asp&#039;,380,170);&quot;&quot;&gt;¼&lt;/a&gt;&quot;) &#039;cookie½
ThreadID=R


©ļ:MoveThread.asp
MoveThread.asp2-24
<%
if CookieUserName =empty then error("δ<a href=""javascript:BBSXP_Modal.Open (''Login.asp'',380,170);"">¼</a>") ''cookie½ ThreadID=Request("ThreadID") '' Sql Injection Vulnerability
If Not IsNumeric(ThreadID) then
ThreadIDArray=Split(ThreadID,",") ''ж,13г
if IsArray(ThreadIDArray) then
for i=0 to Ubound(ThreadIDArray)
if Execute ("Select ThreadID from ["&TablePrefix&"Threads] where ThreadID="& ThreadIDArray(i)&"").eof then error"<li>ϵͳڸӵ"
next
ThreadIDSql=int(ThreadIDArray(0))
else
error("")
end if
Else
ThreadIDSql=int(ThreadID)
End If


ForumID=Execute("Select ForumID From ["&TablePrefix&"Threads] where ThreadID="&ThreadIDSql&"")(0)
%>
<!-- #include file="Utility/ForumPermissions.asp" -->

ִ˲ѯжȨޣͨûɽsqlע䡣
Url;
ύسϢ
Microsoft JET Database Engine  ''80040e14''
ַ﷨ ڲѯʽ ''ThreadID=1'''' С
/BBSXP_Class.asp 5
©ߣSQL 汾ȽϺãaccessnbsiòֻܲ½ֶΣֵֶ޷½⣬Ҫֹ