mirror of
https://gitee.com/gaohongy/code-audit.git
synced 2026-07-16 08:23:50 +00:00
第四章增加数据库表名的说明
This commit is contained in:
@@ -386,6 +386,8 @@ $backupfilename = './data/'.$backupdir.'/'.str_replace(array('/', '\\', '.', "'"
|
|||||||
http://localhost/discuz/admin.php?action=db&operation=export&setup=1&scrolltop=&anchor=&type=custom&customtables[]=pre_ucenter_admins&method=multivol&sizelimit=2048&extendins=0&sqlcompat=&usehex=1&usezip=0&filename=xinan&exportsubmit=%CC%E1%BD%BB22
|
http://localhost/discuz/admin.php?action=db&operation=export&setup=1&scrolltop=&anchor=&type=custom&customtables[]=pre_ucenter_admins&method=multivol&sizelimit=2048&extendins=0&sqlcompat=&usehex=1&usezip=0&filename=xinan&exportsubmit=%CC%E1%BD%BB22
|
||||||
```
|
```
|
||||||
|
|
||||||
|
> 注意,URL地址中有个参数是你需要备份的数据表的名字,请确认和你的安装数据表名是一致的。
|
||||||
|
|
||||||
思考:如何得到漏洞的访问地址?
|
思考:如何得到漏洞的访问地址?
|
||||||
|
|
||||||
## 3.2. CSRF漏洞防范
|
## 3.2. CSRF漏洞防范
|
||||||
|
|||||||
Reference in New Issue
Block a user