### Brief description:

Damn... it runs so slowly

### Detailed description:

intitle:Login to webmail

http://hanwang.com.cn/login.php

This one does not appear to be injectable, but the corresponding back-end login for mail domain administration has a POST injection:

http://mail.tofine.com:8090/login.php

as well as

- http://mail.tofine.com:8090/sys/login.php
- http://mail.kddl.cn:8090/sys/login.php
- http://mail.cqdc.com:8090/sys/login.php
- http://pop3.huaxia.com:8090/sys/login.php
- http://mail.nxcqcz.com:8090//sys/login.php
- http://mail.kmgfsj.cn:8090/login.php
- http://mail.nxcqcz.com:8090/login.php
- http://mail.timeloit.com:8090/login.php
- http://mail.dx-job.com:8090/sys/login.php

[![QQ截图20150609215544.jpg](https://images.seebug.org/upload/201506/251253258acfaa31d3afec8c2844770d76eaf33b.jpg)](https://images.seebug.org/upload/201506/251253258acfaa31d3afec8c2844770d76eaf33b.jpg)

[![QQ截图20150611121102.jpg](https://images.seebug.org/upload/201506/25125331786c05f813ffddf5f083552f7a3c0e49.jpg)](https://images.seebug.org/upload/201506/25125331786c05f813ffddf5f083552f7a3c0e49.jpg)

### Proof of vulnerability:

```
POST /sys/login.php?cmd=login HTTP/1.1
Host: mail.kddl.cn:8090
Content-Length: 92
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://mail.kddl.cn:8090
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.76 Safari/537.36
Content-Type: application/x-www-form-urlencoded
DNT: 1
Referer: http://mail.kddl.cn:8090/sys/login.php?cmd=form&Lang=zh_CN
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.8
Cookie: PHPSESSID=auj9l8ulu17e62ktj9h47qakf1; domain=11111211111111

sysadmin=111111111&passwd=222222222222&language=zh_CN&Lang=zh_CN&submit1=%E7%99%BB+%E5%BD%95
```

The `sysadmin` parameter is injectable.
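The following is an added example, not code from the original report or from the affected product. The report does not show the server-side code, so this Python model assumes a login lookup that builds its SQL from the `sysadmin` and `passwd` form fields, and contrasts string concatenation with bound parameters. The `admins` table, its row and the `o'brien` input are constructed.

```python
import sqlite3
from urllib.parse import parse_qs

# Form body from the request in this report (field names are the page's own).
PAGE_BODY = ("sysadmin=111111111&passwd=222222222222&language=zh_CN"
             "&Lang=zh_CN&submit1=%E7%99%BB+%E5%BD%95")

def make_db():
    """Constructed in-memory table standing in for the admin account store.
    Plaintext password only to keep the model short; store a hash in practice."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE admins (name TEXT PRIMARY KEY, passwd TEXT)")
    db.execute("INSERT INTO admins VALUES ('postmaster', 'constructed-secret')")
    return db

def parse_form(body):
    """Decode an application/x-www-form-urlencoded body into single values."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}

def login_concat(db, form):
    """Assumed flawed pattern: form values are pasted into the SQL text."""
    sql = ("SELECT name FROM admins WHERE name = '%s' AND passwd = '%s'"
           % (form["sysadmin"], form["passwd"]))
    return db.execute(sql).fetchone() is not None

def login_bound(db, form):
    """Hardened pattern: values travel as bound parameters, never as SQL text."""
    sql = "SELECT name FROM admins WHERE name = ? AND passwd = ?"
    row = db.execute(sql, (form["sysadmin"], form["passwd"])).fetchone()
    return row is not None

def quote_changes_query(handler, db):
    """True if a lone quote in sysadmin alters the statement (SQL error)."""
    form = parse_form(PAGE_BODY)
    form["sysadmin"] = "o'brien"  # constructed, harmless input containing a quote
    try:
        handler(db, form)
        return False
    except sqlite3.Error:
        return True

if __name__ == "__main__":
    db = make_db()
    print("concatenated query broken by quote:", quote_changes_query(login_concat, db))
    print("bound query broken by quote:", quote_changes_query(login_bound, db))
```

A SQL error or changed response triggered by a single quote in `sysadmin` is the same signal to look for in application and database logs when checking whether a deployment is affected.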