漏洞概要
            
                关注数(24 )
                
                    关注此漏洞 
                 
             
         
        
        
        
        
        
        
        
        
        
        
        >		
漏洞详情 		披露状态: 							
											2015-03-18:	细节已通知厂商并且等待厂商处理中
		简要描述: 		凑热闹
								详细说明:     			丫丫手机网
Fatal error: Uncaught exception 'Exception' with message ' MySQL Query Error<br> <b>SQL</b>: SELECT * FROM sys_phone_zhuanti WHERE id=38’ and status=1 LIMIT 1<br> <b>错误详情</b>: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '’ and status=1 LIMIT 1' at line 1<br> <b>错误代码</b>:1064<br>' in D:\wwwroot\yaya_app_ftp\wwwroot\Init\Trunk\TrunkMysql.class.php:178 Stack trace: #0 D:\wwwroot\yaya_app_ftp\wwwroot\Init\Trunk\TrunkMysql.class.php(24): TrunkMysql->error('MySQL Query Err...') #1 D:\wwwroot\yaya_app_ftp\wwwroot\Init\Trunk\TrunkModel.class.php(64): TrunkMysql->query('SELECT * FROM s...', Array) #2 D:\wwwroot\yaya_app_ftp\wwwroot\Init\Trunk\TrunkModel.class.php(103): TrunkModel->query('SELECT * FROM s...', Array, true) #3 D:\wwwroot\yaya_app_ftp\wwwroot\Init\Trunk\TrunkModel.class.php(94): TrunkModel->select() #4 D:\wwwroot\yaya_app_ftp\wwwroot\activity.php( in D:\wwwroot\yaya_app_ftp\wwwroot\Init\Trunk\TrunkMysql.class.php on line 178
available databases [10]:
     									漏洞证明:       									修复方案:       															        
        
        >					
漏洞回应       																		厂商回应: 						危害等级:高
						漏洞Rank:10 
													确认时间:2015-03-18 12:36
												厂商回复: 						谢谢您
										最新状态: 											暂无