ecshop的Search.php安全性漏洞

Posted on 2010/09/08 by admin

ecshop2.7.2版之前的Search.php有嚴重的安全性漏洞,將導致SQL注入,被取得MYSQL權限

請參考以下網址

http://hi.baidu.com/%CE%A4%BD%AD%B4%FA/blog/item/f2cedb33a8e1334fad4b5f8e.html

http://bbs.ecshop.com/thread-127611-1-1.html

請用戶立即施升級ECSHOP到2.7.2以上版本,如果馬上升級的用戶建議暫時將Search.php移除

This entry was posted in ecshop. Bookmark the permalink.

發表迴響

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>