VULHUB ™

### 简要描述： RT ### 详细说明： SQL注入文件： ``` /anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx ``` SQL注入案例： ``` http://218.78.241.80/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a http://jmzx.xmedu.cn:9999/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a http://www.gxbyzx.cn:88/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a http://oa.w12z.com/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a http://www.xwgjzx.com:8888/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a ``` ### 漏洞证明： SQL注入测试一： ``` http://218.78.241.80/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a ``` [<img src="https://images.seebug.org/upload/201504/07225103e95e8349be4e7712db117d3291d43316.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/07225103e95e8349be4e7712db117d3291d43316.jpg) ``` 当前用户和数据库 ``` [<img...

### 简要描述： RT ### 详细说明： SQL注入文件： ``` /anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx ``` SQL注入案例： ``` http://218.78.241.80/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a http://jmzx.xmedu.cn:9999/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a http://www.gxbyzx.cn:88/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a http://oa.w12z.com/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a http://www.xwgjzx.com:8888/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a ``` ### 漏洞证明： SQL注入测试一： ``` http://218.78.241.80/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a ``` [<img src="https://images.seebug.org/upload/201504/07225103e95e8349be4e7712db117d3291d43316.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/07225103e95e8349be4e7712db117d3291d43316.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/072258469a4da5446503445d452f87a5564cf69d.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/072258469a4da5446503445d452f87a5564cf69d.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/07230243ac05c63906feec30ddc1f5021c15b4dc.jpg" alt="04.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/07230243ac05c63906feec30ddc1f5021c15b4dc.jpg) ``` ``` SQL注入测试二： ``` http://jmzx.xmedu.cn:9999/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a ``` SQL注入测试三： ``` http://www.gxbyzx.cn:88/anmai\KY_Mamage\Plan_Task\Task_OutlayEarning_Right.aspx?depname=a ``` [<img src="https://images.seebug.org/upload/201504/0723025454f23ce213f5a22d7519bfaf23b62463.jpg" alt="05.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/0723025454f23ce213f5a22d7519bfaf23b62463.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/072303086a8a3c348cc3211a19fabc94dad7b2e6.jpg" alt="06.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/072303086a8a3c348cc3211a19fabc94dad7b2e6.jpg) ``` ```