您现在的位置是：首页 > cms教程 > ecshop商城教程ecshop商城教程

ecshop漏洞/goods.php SQL Injection Vul修复方法

天荷2025-02-07 17:03:34ecshop商城教程已有8人查阅

导读catalogue1. 漏洞描述2. 漏洞触发条件3. 漏洞影响范围4. 漏洞代码分析5. 防御方法6. 攻防思考1. 漏洞描述2. 漏洞触发条件0x1: poc3. 漏洞影响范围4. 漏洞代码分

catalogue
1. 漏洞描述
2. 漏洞触发条件
3. 漏洞影响范围
4. 漏洞代码分析
5. 防御方法
6. 攻防思考
1. 漏洞描述
2. 漏洞触发条件
0x1: poc
3. 漏洞影响范围
4. 漏洞代码分析

/goods.php
/* 修改 start by zhouH*/
if (!empty($_REQUEST['act']) && $_REQUEST['act'] == 'getGoodsInfo')
{
include('includes/cls_json.php');
$json = new JSON;
$res = array('err_msg' => '', 'result' => '', 'goods_img' => '');
//直接接收外部参数，未进行有效过滤
$goods_id = $_REQUEST['id'];
if(!empty($goods_id))
{
/* 获得商品的信息 */
//将外部参数带入SQL查询
$goods = get_goods_info($goods_id);
res['result'] = $goods;
..
$goods = get_goods_info($goods_id);

5. 防御方法
/goods.php

/* 修改 start by zhouH*/
if (!empty($_REQUEST['act']) && $_REQUEST['act'] == 'getGoodsInfo')
{
include('includes/cls_json.php');
$json = new JSON;
$res = array('err_msg' => '', 'result' => '', 'goods_img' => '');
/**/
$goods_id = intval($_REQUEST['id']);
/**/
if(!empty($goods_id))
{