Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 2010-1-31 12:57:42
Event time (UTC): 2010-1-31 4:57:42
Event ID: a7b5573c49d9423f9cc8c08ca293aa71
Event sequence: 10963
Event occurrence: 16
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/1849279060/Root-2-129093771234687500
Trust level: Full
Application Virtual Path: /
Application Path: E:\homepage\xiangdang\
Machine name: HELLOWORLD
Process information:
Process ID: 3452
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: FormatException
Exception message: Input string was not in a correct format.
Request information:
Request URL: http://www.xiangdang.net/fanwen.aspx?id=18911' and char(124)+user+char(124)=0 and ''='
Request path: /fanwen.aspx
User host address: 60.181.156.60
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 10
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal)
at System.Number.ParseInt32(String s, NumberStyles style, NumberFormatInfo info)
at System.Int32.Parse(String s)
at ArticalDetial.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e)
at System.Web.UI.Control.OnLoad(EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Custom event details: 有关更多信息,请参阅在 http://go.microsoft.com/fwlink/events.asp 的帮助和支持中心。
Event message: An unhandled exception has occurred.
Event time: 2010-1-31 12:57:42
Event time (UTC): 2010-1-31 4:57:42
Event ID: a7b5573c49d9423f9cc8c08ca293aa71
Event sequence: 10963
Event occurrence: 16
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/1849279060/Root-2-129093771234687500
Trust level: Full
Application Virtual Path: /
Application Path: E:\homepage\xiangdang\
Machine name: HELLOWORLD
Process information:
Process ID: 3452
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: FormatException
Exception message: Input string was not in a correct format.
Request information:
Request URL: http://www.xiangdang.net/fanwen.aspx?id=18911' and char(124)+user+char(124)=0 and ''='
Request path: /fanwen.aspx
User host address: 60.181.156.60
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 10
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal)
at System.Number.ParseInt32(String s, NumberStyles style, NumberFormatInfo info)
at System.Int32.Parse(String s)
at ArticalDetial.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e)
at System.Web.UI.Control.OnLoad(EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Custom event details: 有关更多信息,请参阅在 http://go.microsoft.com/fwlink/events.asp 的帮助和支持中心。
Event message: An unhandled exception has occurred.
Event time: 2010-1-31 10:22:42
Event time (UTC): 2010-1-31 2:22:42
Event ID: 31d7a797977b4a2d8d47b69f1b705c22
Event sequence: 1616
Event occurrence: 1
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/1849279060/Root-2-129093771234687500
Trust level: Full
Application Virtual Path: /
Application Path: E:\homepage\xiangdang\
Machine name: HELLOWORLD
Process information:
Process ID: 3452
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE
Exception information:
Exception type: FormatException
Exception message: Input string was not in a correct format.
Request information:
Request URL: http://www.xiangdang.net/fanwen.aspx?id=9063 and char(124)+user+char(124)=0
Request path: /fanwen.aspx
User host address: 221.10.203.176
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
Thread information:
Thread ID: 1
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at System.Number.StringToNumber(String str, NumberStyles options, NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal)
at System.Number.ParseInt32(String s, NumberStyles style, NumberFormatInfo info)
at System.Int32.Parse(String s)
at ArticalDetial.Page_Load(Object sender, EventArgs e) in e:\homepage\xiangdang\ArticalDetial.aspx.cs:line 63
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e)
at System.Web.UI.Control.OnLoad(EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Custom event details: 有关更多信息,请参阅在 http://go.microsoft.com/fwlink/events.asp 的帮助和支持中心。
Exception type: SqlException
Exception message: 字符串 ') as t ' 之前有未闭合的引号。
第 1 行: ') as t ' 附近有语法错误。
字符串 ') AS t0
ORDER BY checkdate desc) AS t1
ORDER BY checkdate ASC) AS t2
ORDER BY checkdate desc' 之前有未闭合的引号。
第 4 行: ') AS t0
ORDER BY checkdate desc) AS t1
ORDER BY checkdate ASC) AS t2
ORDER BY checkdate desc' 附近有语法错误。
Request information:
Request URL: http://www.xiangdang.net/worddoc.aspx?id=9'
Request path: /worddoc.aspx
User host address: 66.219.17.82
http://www.xiangdang.net/worddoc.aspx?id=9'
很明显,查询参数多了单引号,导致你拼接的SQL语句出错。这样你的这个URL是存在SQL注入危险的。建议你先判断或转换,再处理。不要使用你拼接的SQL语句,可用参数化你的SQL语句。
事件类型: 警告
事件来源: ASP.NET 4.0.30319.0
事件种类: Web Event
事件 ID: 1309
日期: 2012-7-5
事件: 16:32:13
用户: N/A
计算机: DLZZB1
描述:
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 2012-7-5 16:32:13
Event time (UTC): 2012-7-5 8:32:13
Event ID: aa0931a6586a408f902a5c007d67defc
Event sequence: 105
Event occurrence: 6
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/1/Root/oasystem-1-129859496521718750
Trust level: Full
Application Virtual Path: /oasystem
Application Path: C:\inetpub\wwwroot\oasystem\
Machine name: DLZZB1
Process information:
Process ID: 644
Process name: aspnet_wp.exe
Account name: DLZZB1\ASPNET
Exception information:
Exception type: HttpException
Exception message: Unable to validate data.
at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
at System.Web.UI.Page.EncryptStringWithIV(String s, IVType ivType)
at System.Web.Handlers.ScriptResourceHandler.RuntimeScriptResourceHandler.GetScriptResourceUrlImpl(List`1 assemblyResourceLists, Boolean zip)
at System.Web.Handlers.ScriptResourceHandler.RuntimeScriptResourceHandler.System.Web.Handlers.IScriptResourceHandler.GetScriptResourceUrl(List`1 assemblyResourceLists, Boolean zip)
at System.Web.Handlers.ScriptResourceHandler.RuntimeScriptResourceHandler.System.Web.Handlers.IScriptResourceHandler.GetScriptResourceUrl(Assembly assembly, String resourceName, CultureInfo culture, Boolean zip)
at System.Web.UI.ScriptReference.GetUrlFromName(ScriptManager scriptManager, IControl scriptManagerControl, Boolean zip)
at System.Web.UI.ScriptReference.GetUrlInternal(ScriptManager scriptManager, Boolean zip)
at System.Web.UI.ScriptReference.GetUrl(ScriptManager scriptManager, Boolean zip)
at System.Web.UI.ScriptManager.RegisterUniqueScripts(List`1 uniqueScripts)
at System.Web.UI.ScriptManager.RegisterScripts()
at System.Web.UI.ScriptManager.OnPagePreRenderComplete(Object sender, EventArgs e)
at System.Web.UI.Page.OnPreRenderComplete(EventArgs e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Request information:
Request URL: http://19.109.65.123/oasystem/MsgBoard/Tips.aspx
Request path: /oasystem/MsgBoard/Tips.aspx
User host address: 19.109.65.123
User:
Is authenticated: False
Authentication Type:
Thread account name: DLZZB1\ASPNET
Thread information:
Thread ID: 1
Thread account name: DLZZB1\ASPNET
Is impersonating: False
Stack trace: at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData)
at System.Web.UI.Page.EncryptStringWithIV(String s, IVType ivType)
at System.Web.Handlers.ScriptResourceHandler.RuntimeScriptResourceHandler.GetScriptResourceUrlImpl(List`1 assemblyResourceLists, Boolean zip)
at System.Web.Handlers.ScriptResourceHandler.RuntimeScriptResourceHandler.System.Web.Handlers.IScriptResourceHandler.GetScriptResourceUrl(List`1 assemblyResourceLists, Boolean zip)
at System.Web.Handlers.ScriptResourceHandler.RuntimeScriptResourceHandler.System.Web.Handlers.IScriptResourceHandler.GetScriptResourceUrl(Assembly assembly, String resourceName, CultureInfo culture, Boolean zip)
at System.Web.UI.ScriptReference.GetUrlFromName(ScriptManager scriptManager, IControl scriptManagerControl, Boolean zip)
at System.Web.UI.ScriptReference.GetUrlInternal(ScriptManager scriptManager, Boolean zip)
at System.Web.UI.ScriptReference.GetUrl(ScriptManager scriptManager, Boolean zip)
at System.Web.UI.ScriptManager.RegisterUniqueScripts(List`1 uniqueScripts)
at System.Web.UI.ScriptManager.RegisterScripts()
at System.Web.UI.ScriptManager.OnPagePreRenderComplete(Object sender, EventArgs e)
at System.Web.UI.Page.OnPreRenderComplete(EventArgs e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Custom event details: 有关更多信息,请参阅在 http://go.microsoft.com/fwlink/events.asp 的帮助和支持中心。