VULHUB ™

### 简要描述： RT ### 详细说明： SQL注入文件： ``` /anmai/SF_Manage/tfallremove.aspx ``` 案例： ``` http://218.78.241.80/anmai/SF_Manage/tfallremove.aspx?tfid=1 http://jmzx.xmedu.cn:9999/anmai/SF_Manage/tfallremove.aspx?tfid=1 http://www.gxbyzx.cn:88/anmai/SF_Manage/tfallremove.aspx?tfid=1 http://oa.w12z.com/anmai/SF_Manage/tfallremove.aspx?tfid=1 http://www.xwgjzx.com:8888/anmai/SF_Manage/tfallremove.aspx?tfid=1 ``` ### 漏洞证明： SQL注入测试一： ``` http://218.78.241.80/anmai/SF_Manage/tfallremove.aspx?tfid=1 ``` [<img src="https://images.seebug.org/upload/201504/09181952499dd7d91401ae99e0e48923afcdbb04.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/09181952499dd7d91401ae99e0e48923afcdbb04.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/09182003154ba4e37735410c4493faa7a5761085.jpg" alt="02.jpg" width="600"...

### 简要描述： RT ### 详细说明： SQL注入文件： ``` /anmai/SF_Manage/tfallremove.aspx ``` 案例： ``` http://218.78.241.80/anmai/SF_Manage/tfallremove.aspx?tfid=1 http://jmzx.xmedu.cn:9999/anmai/SF_Manage/tfallremove.aspx?tfid=1 http://www.gxbyzx.cn:88/anmai/SF_Manage/tfallremove.aspx?tfid=1 http://oa.w12z.com/anmai/SF_Manage/tfallremove.aspx?tfid=1 http://www.xwgjzx.com:8888/anmai/SF_Manage/tfallremove.aspx?tfid=1 ``` ### 漏洞证明： SQL注入测试一： ``` http://218.78.241.80/anmai/SF_Manage/tfallremove.aspx?tfid=1 ``` [<img src="https://images.seebug.org/upload/201504/09181952499dd7d91401ae99e0e48923afcdbb04.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/09181952499dd7d91401ae99e0e48923afcdbb04.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/09182003154ba4e37735410c4493faa7a5761085.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/09182003154ba4e37735410c4493faa7a5761085.jpg) ``` ``` SQL注入测试二： ``` http://jmzx.xmedu.cn:9999/anmai/SF_Manage/tfallremove.aspx?tfid=1 ``` [<img src="https://images.seebug.org/upload/201504/0918202542dc66b339993b52d1de1568c8c7b4b5.jpg" alt="03.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/0918202542dc66b339993b52d1de1568c8c7b4b5.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/09182040e2f8bf4fe69c0885feea0aaf902079e4.jpg" alt="04.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/09182040e2f8bf4fe69c0885feea0aaf902079e4.jpg) ``` ``` SQL注入测试三： ``` http://www.gxbyzx.cn:88/anmai/SF_Manage/tfallremove.aspx?tfid=1 ``` [<img src="https://images.seebug.org/upload/201504/0918205831d1a7e8dd0e71c34c16cf8837cb6897.jpg" alt="05.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/0918205831d1a7e8dd0e71c34c16cf8837cb6897.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/09182108318dbf7446ee876eae00d750c3735c29.jpg" alt="06.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/09182108318dbf7446ee876eae00d750c3735c29.jpg) ``` ```