Ecshop支付模块注入那个漏洞
<?php $test=str_replace($_GET['a'],'',$_GET['b']); echo $test; ?>
test.php?a=&b=%00'
\0\'
把0给替掉
test.php?a=0&b=%00' \\'
Ecshop支付模块注入那个漏洞
<?php $test=str_replace($_GET['a'],'',$_GET['b']); echo $test; ?>
test.php?a=&b=%00'
\0\'
把0给替掉
test.php?a=0&b=%00' \\'