某教学系统存在注入漏洞

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

### 简要描述: RT ### 详细说明: 注入文件: ``` /anmai/KY_Mamage/Others/Communion_Incept_Right.aspx ``` 案例: ``` http://218.78.241.80/anmai/KY_Mamage/Others/Communion_Incept_Right.aspx?depname=a http://jmzx.xmedu.cn:9999/anmai/KY_Mamage/Others/Communion_Incept_Right.aspx?depname=a http://www.gxbyzx.cn:88/anmai/KY_Mamage/Others/Communion_Incept_Right.aspx?depname=a http://oa.w12z.com/anmai/KY_Mamage/Others/Communion_Incept_Right.aspx?depname=a http://www.xwgjzx.com:8888/anmai/KY_Mamage/Others/Communion_Incept_Right.aspx?depname=a http://szxx.pudong-edu.sh.cn/anmai/KY_Mamage/Others/Communion_Incept_Right.aspx?depname=a ``` ### 漏洞证明: 时间关系,我就测试一个: ``` http://218.78.241.80/anmai/KY_Mamage/Others/Communion_Incept_Right.aspx?depname=a ``` [<img src="https://images.seebug.org/upload/201503/2823022593314f9a4aaae3ef436e6306eef08528.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/2823022593314f9a4aaae3ef436e6306eef08528.jpg) ``` 当前用户和数据库 ``` [<img...

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有0条受影响产品信息