VULHUB ™

### 简要描述： RT ### 详细说明： SQL注入文件： ``` /anmai/Elective/ClassInfo/CallOverDown.aspx ``` 案例： ``` http://jmzx.xmedu.cn:9999/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 http://www.gxbyzx.cn:88/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 http://szxx.pudong-edu.sh.cn/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 http://218.78.241.80/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 http://www.xwgjzx.com:8888/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 ``` ### 漏洞证明： SQL注入测试一： ``` http://jmzx.xmedu.cn:9999/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 ``` [<img src="https://images.seebug.org/upload/201503/23221402f62486111428c2e2d749abfd1f3c049e.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/23221402f62486111428c2e2d749abfd1f3c049e.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201503/23221432f9ccda13b01852f6e2c5ae0608ff8946.jpg" alt="02.jpg" width="600"...

### 简要描述： RT ### 详细说明： SQL注入文件： ``` /anmai/Elective/ClassInfo/CallOverDown.aspx ``` 案例： ``` http://jmzx.xmedu.cn:9999/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 http://www.gxbyzx.cn:88/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 http://szxx.pudong-edu.sh.cn/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 http://218.78.241.80/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 http://www.xwgjzx.com:8888/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 ``` ### 漏洞证明： SQL注入测试一： ``` http://jmzx.xmedu.cn:9999/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 ``` [<img src="https://images.seebug.org/upload/201503/23221402f62486111428c2e2d749abfd1f3c049e.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/23221402f62486111428c2e2d749abfd1f3c049e.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201503/23221432f9ccda13b01852f6e2c5ae0608ff8946.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/23221432f9ccda13b01852f6e2c5ae0608ff8946.jpg) ``` ``` SQL注入测试二： ``` http://www.gxbyzx.cn:88/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 ``` [<img src="https://images.seebug.org/upload/201503/23221454e3b07cfca5011826a0c77bf6ae239293.jpg" alt="03.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/23221454e3b07cfca5011826a0c77bf6ae239293.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201503/2322150535fed9754cb9c68f55027a20f889165b.jpg" alt="04.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/2322150535fed9754cb9c68f55027a20f889165b.jpg) ``` ``` SQL注入测试三： ``` http://szxx.pudong-edu.sh.cn/anmai/Elective/ClassInfo/CallOverDown.aspx?itemid=1 ``` [<img src="https://images.seebug.org/upload/201503/232215298fd3f42d23700073820994ed4d0d1c7e.jpg" alt="05.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/232215298fd3f42d23700073820994ed4d0d1c7e.jpg) ``` 当前用户和数据库 ``` [<img src="https://images.seebug.org/upload/201503/23221539d88c89bdcb0a9ac38c1a9fb406ce864f.jpg" alt="06.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/23221539d88c89bdcb0a9ac38c1a9fb406ce864f.jpg) ``` ```