标题: PhpBridges Blog System SQL Injection Vulnerability
作者: 3spi0n
程序网站: https://launchpad.net/phpbridges
测试平台: BackTrack 5 - Win7 Ultimate
开发语言: Php
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
[$]缺陷文件:
 
[~] members.php
 
[$] 测试网站:
 
[~] /members.php?id=2" [SQL Injection]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
 
# Dar bi Koridor Benimki, Kendimi Aradigim.
 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
 
提供修复方案:


过滤members.php页面id参数输入
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
 
- Mr.PaPaRoSSe And 3spi0n -
 
Bug Researcher Group - TURKEY
 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>