动网论坛DVBBS) logout.asp页面存在注入漏洞
| 动网论坛DVBBS) logout.asp页面存在注入漏洞
logout.asp:
/--------------------------------------------------------------------------
<%
dim activeuser
membername=request.cookies("aspsky")("username")
if session("userid")<>"" then
activeuser="delete from online where id="&session("userid")
Conn.Execute activeuser
end if
if membername<>"" then
activeuser="delete from online where username=';"&membername&"';"
Conn.Execute activeuser
end if
Response.Cookies("aspsky").path=cookiepath
Response.Cookies("aspsky")("username")=""
Response.Cookies("aspsky")("password")=""
Response.Cookies("aspsky")("userclass")=""
Response.Cookies("aspsky")("userid")=""
Response.Cookies("aspsky")("userhidden")=""
Response.Cookies("aspsky")("usercookies")=""
session("userid")=""
conn.close
set conn=nothing
response.redirect("index.asp")
%>
/--------------------------------------------------------------------------
因程序当中的logout.asp页面对于
activeuser="delete from online where username=';"&membername&"';"并没有做好过滤导致了问题的产生,
|
