VULHUB ™

### 简要描述： RT ### 详细说明： SQL注入地址： ``` /anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx ``` SQL注入案例： ``` http://218.78.241.80/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 http://jmzx.xmedu.cn:9999/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 http://www.gxbyzx.cn:88/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 http://oa.w12z.com/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 http://www.xwgjzx.com:8888/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 ``` ### 漏洞证明： SQL注入测试一： ``` http://218.78.241.80/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 ``` [<img src="https://images.seebug.org/upload/201504/062039363df107b83f2798c86c74fdc8ccce6b3d.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/062039363df107b83f2798c86c74fdc8ccce6b3d.jpg) ```...

### 简要描述： RT ### 详细说明： SQL注入地址： ``` /anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx ``` SQL注入案例： ``` http://218.78.241.80/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 http://jmzx.xmedu.cn:9999/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 http://www.gxbyzx.cn:88/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 http://oa.w12z.com/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 http://www.xwgjzx.com:8888/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 ``` ### 漏洞证明： SQL注入测试一： ``` http://218.78.241.80/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 ``` [<img src="https://images.seebug.org/upload/201504/062039363df107b83f2798c86c74fdc8ccce6b3d.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/062039363df107b83f2798c86c74fdc8ccce6b3d.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/06203946f670699c922ad84844d88a80b2b2015e.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/06203946f670699c922ad84844d88a80b2b2015e.jpg) ``` ``` SQL注入二： ``` http://jmzx.xmedu.cn:9999/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 ``` [<img src="https://images.seebug.org/upload/201504/062040536420ce9fdb752359ebc53532cbb1d304.jpg" alt="03.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/062040536420ce9fdb752359ebc53532cbb1d304.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/06204104d1ee8712aaaa64241e0781d954a8dc1d.jpg" alt="04.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/06204104d1ee8712aaaa64241e0781d954a8dc1d.jpg) ``` ``` SQL注入三： ``` http://www.gxbyzx.cn:88/anmai/KY_Mamage/Integrate_Select/OutlayEarning_Select_particular.aspx?id=1 ``` [<img src="https://images.seebug.org/upload/201504/062043564cc7ab3209358f289a8b3b439e5df6b3.jpg" alt="05.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/062043564cc7ab3209358f289a8b3b439e5df6b3.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201504/06204417d7477df1c06d9b922d7bd245f4899ce9.jpg" alt="06.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201504/06204417d7477df1c06d9b922d7bd245f4899ce9.jpg) ``` ```