中华网络安全联盟    作者：佚名    来源：互联网    时间：2006-12-11 14:57:00

Dim ArticleTitle,AuthorName,CopyFrom,Editor,KeyWord,IsHot,IsTop,IsElite,yn,Content,ReadLevel,ReadPoint,VIPReadPoint,PaginationType,MaxCharPerPage,ClassID,IncludePic,IndexPicUrl,Hits
Dim TitleFontColor,CSSID,TemplateID
Dim ChannelID,ChannelName,ChannelItemName,InfoRs,AuthorWords,EditorWords,CopyFromWords,KeyWords,UploadFiles
Dim AdminItemConfig,ChannelItemUnit,SpecialID

Dim Public_aRs

if Request("ChannelID") <> "" then //没有过滤直接得到数据
ChannelID = LzRequest("ChannelID",1)
else
ChannelID = 0
end if

if Request("ClassID") <> "" then////没有过滤直接得到数据
ClassID = LzRequest("ClassID",1)
else
ClassID = 0
end if

if ChannelID = "" Or ChannelID = 0 then
ErrMsg = "<li> 请选择“频道ID丢失”!"
LZ8.ShowErr()
Else
Set InfoRs = lz8.Execute("Select ChannelName,ChannelItemName,AuthorWords,EditorWords,CopyFromWords,KeyWords,ChannelDir,AdminItemConfig,ChannelItemUnit From [LZ8_Channel] Where ChannelID="& ChannelID )////没有过滤直接进到数据库

ChannelName = InfoRs(0)
ChannelItemName = InfoRs(1)
AuthorWords = InfoRs(2)
EditorWords = InfoRs(3)
CopyFromWords = InfoRs(4)
KeyWords = InfoRs(5)
ChannelDir = InfoRs(6)
AdminItemConfig = Split(InfoRs(7),"|||")
ChannelItemUnit = InfoRs(8)
InfoRs.Close:Set InfoRs=Nothing
end if

%>

还有一个跨站漏洞！

代码就不说了 很乱的在Article.asp 中！直接发布文章 在文章内容加入跨站代码就可以了