[AutoTest] CNVD-2020-15061 Ourphp 多处SQL
2020-05-14 22:07:59 Author: forum.90sec.com(查看原文) 阅读量:373 收藏

http://www.ourphp.net/

2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_quick/alipayapi.php:58:2131 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_quick/notify_url.php:91:3899 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_quick/notify_url.php:137:6360 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_quick/notify_url.php:149:7727 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? orders_buylist(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_quick/notify_url.php:135:6247 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_quick/return_url.php:74:2699 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? orders_buylist(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_quick/return_url.php:120:5055 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_quick/return_url.php:122:5168 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_quick/return_url.php:134:6634 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_wappay/alipayapi.php:57:2127 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_wappay/notify_url.php:92:3902 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? orders_buylist(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_wappay/notify_url.php:137:6259 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_wappay/notify_url.php:139:6372 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_wappay/notify_url.php:151:7745 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_wappay/return_url.php:68:2660 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? orders_buylist(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_wappay/return_url.php:113:5017 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_wappay/return_url.php:115:5130 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/alipay_wappay/return_url.php:129:6599 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/weixinh5pay/jsapi.php:52:1269 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/api/weixinpay/native.php:39:914 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? file_get_contents($__ARG__); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/ourphp/plugins/function.cprt.php:39:1276 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/ourphp_ajax.class.php:94:2240 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/ourphp_ajax.class.php:98:2450 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/ourphp_ajax.class.php:103:2672 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/ourphp_shoppingorders.class.php:216:6388 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? orders_buylist(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/ourphp_shoppingorders.class.php:309:9589 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/ourphp_shoppingorders.class.php:310:9665 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? orders_buylist(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/ourphp_shoppingorders.class.php:322:10129 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/ourphp_shoppingorders.class.php:323:10204 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/plugs/Comment/article-content.php:86:2667 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/function/plugs/Comment/product-content.php:120:3607 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/Specifications.php:31:1020 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/Specifications.php:41:1880 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_adview.php:21:632 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_article.php:75:2156 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_article.php:129:4216 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_articleview.php:76:2280 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? sqldumptable(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_bakgo.php:620:23278 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_banner.php:20:711 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_banner.php:32:1411 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_bannerview.php:19:713 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_columnadd.php:45:1487 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_columnadd.php:51:2427 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_columnadd.php:84:4076 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->del(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_comment.php:43:1268 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_down.php:71:2084 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_down.php:131:4622 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_downview.php:64:1918 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_freight.php:23:718 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_freightview.php:23:724 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_grouplist.php:79:2210 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_job.php:55:1587 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_job.php:108:3988 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_jobview.php:58:1687 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_manage.php:31:952 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->del(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_orders.php:26:738 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->del(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_ordersalone.php:28:702 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_pay.php:32:1278 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_pay.php:35:1593 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_pay.php:41:1913 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_photo.php:75:2139 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_photoadd.php:55:1743 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_photoedit.php:76:2280 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->create(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_product.php:113:3286 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_product.php:134:3846 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->create(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_productedit.php:135:3867 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_productedit.php:156:4446 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_productlist.php:80:2284 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->listgo(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_search.php:55:2006 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->create(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_sql.php:39:1082 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_usercontrol.php:22:696 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->del(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_usersearch.php:42:1137 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->insert(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_video.php:58:1790 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_video.php:117:4111 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_videoview.php:59:1863 is probably vulnerable.(Trace Graph at )
2020-05-14 20:52:45 [ALRT] [php-parser/instance/condition_slover.go:44] [*] Found <? $__ANY__->update(); at /Users/maple/Downloads/php-test2/ourphp企业+电商建站系统/client/manage/ourphp_webdeploy.php:18:550 is probably vulnerable.(Trace Graph at )

待修复的缺陷:

  • 缺少对算术运算符ir翻译,紧迫性+1

每天一个AutoTest :)


文章来源: https://forum.90sec.com/t/topic/1027/1
如有侵权请联系:admin#unsafe.sh