VULHUB ™

### 简要描述： 嗯，就是一个注入而已 ### 详细说明： 注入地址： shelf/curriculum.php 参数： type 测试： 1.1.http://202.201.163.2:8080/shelf/curriculum.php?type=name&q=%E8%88%9E%E8%B9%88%E5%AD%A6&submit=%E6%A3%80%E7%B4%A2 [<img src="https://images.seebug.org/upload/201508/04170444884053e99d19650e254f6cc2141f5877.png" alt="3.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201508/04170444884053e99d19650e254f6cc2141f5877.png) 2.http://library.djtu.edu.cn/webphp/shelf/curriculum.php?type=name&q=%E8%88%9E%E8%B9%88%E5%AD%A6&submit=%E6%A3%80%E7%B4%A2 [<img src="https://images.seebug.org/upload/201508/0417055582c31dba7386edb45461e991222f0490.png" alt="4.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201508/0417055582c31dba7386edb45461e991222f0490.png) ### 漏洞证明： [<img src="https://images.seebug.org/upload/201508/0417055582c31dba7386edb45461e991222f0490.png" alt="4.png" width="600"...

### 简要描述： 嗯，就是一个注入而已 ### 详细说明： 注入地址： shelf/curriculum.php 参数： type 测试： 1.1.http://202.201.163.2:8080/shelf/curriculum.php?type=name&q=%E8%88%9E%E8%B9%88%E5%AD%A6&submit=%E6%A3%80%E7%B4%A2 [<img src="https://images.seebug.org/upload/201508/04170444884053e99d19650e254f6cc2141f5877.png" alt="3.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201508/04170444884053e99d19650e254f6cc2141f5877.png) 2.http://library.djtu.edu.cn/webphp/shelf/curriculum.php?type=name&q=%E8%88%9E%E8%B9%88%E5%AD%A6&submit=%E6%A3%80%E7%B4%A2 [<img src="https://images.seebug.org/upload/201508/0417055582c31dba7386edb45461e991222f0490.png" alt="4.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201508/0417055582c31dba7386edb45461e991222f0490.png) ### 漏洞证明： [<img src="https://images.seebug.org/upload/201508/0417055582c31dba7386edb45461e991222f0490.png" alt="4.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201508/0417055582c31dba7386edb45461e991222f0490.png) 其他案例： http://opac.wzu.edu.cn/shelf/curriculum.php?type=name&q=%E8%88%9E%E8%B9%88%E5%AD%A6&submit=%E6%A3%80%E7%B4%A2 http://opac.sju.js.cn:8080/shelf/curriculum.php?type=name&q=%E8%88%9E%E8%B9%88%E5%AD%A6&submit=%E6%A3%80%E7%B4%A2 http://210.28.144.20:206/shelf/curriculum.php?type=name&q=%E8%88%9E%E8%B9%88%E5%AD%A6&submit=%E6%A3%80%E7%B4%A2 http://210.35.251.243//shelf/curriculum.php?type=name&q=%E8%88%9E%E8%B9%88%E5%AD%A6&submit=%E6%A3%80%E7%B4%A2 http://210.33.91.65:8080//shelf/curriculum.php?type=name&q=%E8%88%9E%E8%B9%88%E5%AD%A6&submit=%E6%A3%80%E7%B4%A2