VULHUB ™

### 简要描述： RT ### 详细说明： SQL注入文件： ``` /anmai/KY_Mamage/Others/Technic_Cession_Right.aspx ``` SQL注入案例： ``` http://218.78.241.80/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a http://jmzx.xmedu.cn:9999/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a http://oa.w12z.com/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a http://www.gxbyzx.cn:88/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a http://www.xwgjzx.com:8888/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a http://szxx.pudong-edu.sh.cn/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a ``` ### 漏洞证明： SQL注入测试一： ``` http://218.78.241.80/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a ``` [<img src="https://images.seebug.org/upload/201503/262349575e0052ff9fcc193e0869d050e0198857.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/262349575e0052ff9fcc193e0869d050e0198857.jpg) ``` 当前用户和数据库 ``` [<img...

### 简要描述： RT ### 详细说明： SQL注入文件： ``` /anmai/KY_Mamage/Others/Technic_Cession_Right.aspx ``` SQL注入案例： ``` http://218.78.241.80/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a http://jmzx.xmedu.cn:9999/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a http://oa.w12z.com/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a http://www.gxbyzx.cn:88/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a http://www.xwgjzx.com:8888/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a http://szxx.pudong-edu.sh.cn/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a ``` ### 漏洞证明： SQL注入测试一： ``` http://218.78.241.80/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a ``` [<img src="https://images.seebug.org/upload/201503/262349575e0052ff9fcc193e0869d050e0198857.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/262349575e0052ff9fcc193e0869d050e0198857.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201503/26235012928d167bfb01fa9aaa3f1ac18d7205db.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/26235012928d167bfb01fa9aaa3f1ac18d7205db.jpg) ``` ``` SQL注入测试二： ``` http://jmzx.xmedu.cn:9999/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a ``` [<img src="https://images.seebug.org/upload/201503/26235033cc1acaa319ecaf41108435bf3f180b9d.jpg" alt="03.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/26235033cc1acaa319ecaf41108435bf3f180b9d.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201503/2623504558b81ef8cdc949115b73a722c89f5728.jpg" alt="04.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/2623504558b81ef8cdc949115b73a722c89f5728.jpg) ``` ``` SQL注入测试三： ``` http://www.gxbyzx.cn:88/anmai/KY_Mamage/Others/Technic_Cession_Right.aspx?depname=a ``` [<img src="https://images.seebug.org/upload/201503/26235059457a00716643cdcfae849195235990b3.jpg" alt="05.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/26235059457a00716643cdcfae849195235990b3.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201503/262351114ada0cedbcd87ab162bc84582586182c.jpg" alt="06.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/262351114ada0cedbcd87ab162bc84582586182c.jpg) ``` ```