VULHUB ™

### 简要描述： RT ### 详细说明： SQL注入文件： ``` /anmai/SF_Manage/tfdeleN.aspx ``` 案例： ``` http://218.78.241.80/anmai/SF_Manage/tfdeleN.aspx?tfid=1 http://jmzx.xmedu.cn:9999/anmai/SF_Manage/tfdeleN.aspx?tfid=1 http://www.gxbyzx.cn:88/anmai/SF_Manage/tfdeleN.aspx?tfid=1 http://oa.w12z.com/anmai/SF_Manage/tfdeleN.aspx?tfid=1 http://www.xwgjzx.com:8888/anmai/SF_Manage/tfdeleN.aspx?tfid=1 ``` ### 漏洞证明： SQL注入测试一： ``` http://218.78.241.80/anmai/SF_Manage/tfdeleN.aspx?tfid=1 ``` [<img src="https://images.seebug.org/upload/201504/09174758c925d6992a8a48d93202e9e86a9d8a55.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/09174758c925d6992a8a48d93202e9e86a9d8a55.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/091748115fea52aef489482133cd7eed902c2cc3.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/091748115fea52aef489482133cd7eed902c2cc3.jpg) ``` ``` SQL注入测试二： ```...

### 简要描述： RT ### 详细说明： SQL注入文件： ``` /anmai/SF_Manage/tfdeleN.aspx ``` 案例： ``` http://218.78.241.80/anmai/SF_Manage/tfdeleN.aspx?tfid=1 http://jmzx.xmedu.cn:9999/anmai/SF_Manage/tfdeleN.aspx?tfid=1 http://www.gxbyzx.cn:88/anmai/SF_Manage/tfdeleN.aspx?tfid=1 http://oa.w12z.com/anmai/SF_Manage/tfdeleN.aspx?tfid=1 http://www.xwgjzx.com:8888/anmai/SF_Manage/tfdeleN.aspx?tfid=1 ``` ### 漏洞证明： SQL注入测试一： ``` http://218.78.241.80/anmai/SF_Manage/tfdeleN.aspx?tfid=1 ``` [<img src="https://images.seebug.org/upload/201504/09174758c925d6992a8a48d93202e9e86a9d8a55.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/09174758c925d6992a8a48d93202e9e86a9d8a55.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/091748115fea52aef489482133cd7eed902c2cc3.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/091748115fea52aef489482133cd7eed902c2cc3.jpg) ``` ``` SQL注入测试二： ``` http://jmzx.xmedu.cn:9999/anmai/SF_Manage/tfdeleN.aspx?tfid=1 ``` [<img src="https://images.seebug.org/upload/201504/091748280e8f00e6dd2a24a6fb9c58559e9da1af.jpg" alt="03.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/091748280e8f00e6dd2a24a6fb9c58559e9da1af.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/09174839facbc2939cd693d6928a4ab1169225fe.jpg" alt="04.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/09174839facbc2939cd693d6928a4ab1169225fe.jpg) ``` ``` SQL注入测试三： ``` http://www.gxbyzx.cn:88/anmai/SF_Manage/tfdeleN.aspx?tfid=1 ``` [<img src="https://images.seebug.org/upload/201504/09174906f59df6cd91836c06ce1912fc02b254e4.jpg" alt="05.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/09174906f59df6cd91836c06ce1912fc02b254e4.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/09174919627491d7c724c718080ac13de7896f96.jpg" alt="06.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/09174919627491d7c724c718080ac13de7896f96.jpg) ``` ```