VULHUB ™

### 简要描述： RT ### 详细说明： 山东农友软件公司官网:http://www.nongyou.com.cn/ 和这个漏洞 [WooYun: 某政府系统三处注入打包](http://www.wooyun.org/bugs/wooyun-2015-097690) 是同一文件的但是不是同一目录下的注入，不知道算不算重复啊 第一处： http://61.133.119.187:8091/symItemView/ItemSixth.aspx?id=1 http://222.135.76.147:8200/symItemView/ItemSixth.aspx?id=1 http://222.135.127.190:7200/symItemView/ItemSixth.aspx?id=1 http://221.2.149.47:8200/symItemView/ItemSixth.aspx?id=1 http://218.59.205.41:8053/symItemView/ItemSixth.aspx?id=1 http://jwh.tanljgzx.gov.cn/symItemView/ItemSixth.aspx?id=1 http://221.2.171.59:8200/symItemView/ItemSixth.aspx?id=1 http://218.56.159.98:8001/symItemView/ItemSixth.aspx?id=1 http://123.134.189.60:8016/symItemView/ItemSixth.aspx?id=1 第二处: http://61.133.119.187:8091/symItemView/ItemSecond.aspx?id=1 http://222.135.76.147:8200/symItemView/ItemSecond.aspx?id=1 http://222.135.127.190:7200/symItemView/ItemSecond.aspx?id=1 http://221.2.149.47:8200/symItemView/ItemSecond.aspx?id=1...

### 简要描述： RT ### 详细说明： 山东农友软件公司官网:http://www.nongyou.com.cn/ 和这个漏洞 [WooYun: 某政府系统三处注入打包](http://www.wooyun.org/bugs/wooyun-2015-097690) 是同一文件的但是不是同一目录下的注入，不知道算不算重复啊 第一处： http://61.133.119.187:8091/symItemView/ItemSixth.aspx?id=1 http://222.135.76.147:8200/symItemView/ItemSixth.aspx?id=1 http://222.135.127.190:7200/symItemView/ItemSixth.aspx?id=1 http://221.2.149.47:8200/symItemView/ItemSixth.aspx?id=1 http://218.59.205.41:8053/symItemView/ItemSixth.aspx?id=1 http://jwh.tanljgzx.gov.cn/symItemView/ItemSixth.aspx?id=1 http://221.2.171.59:8200/symItemView/ItemSixth.aspx?id=1 http://218.56.159.98:8001/symItemView/ItemSixth.aspx?id=1 http://123.134.189.60:8016/symItemView/ItemSixth.aspx?id=1 第二处: http://61.133.119.187:8091/symItemView/ItemSecond.aspx?id=1 http://222.135.76.147:8200/symItemView/ItemSecond.aspx?id=1 http://222.135.127.190:7200/symItemView/ItemSecond.aspx?id=1 http://221.2.149.47:8200/symItemView/ItemSecond.aspx?id=1 http://218.59.205.41:8053/symItemView/ItemSecond.aspx?id=1 http://jwh.tanljgzx.gov.cn/symItemView/ItemSecond.aspx?id=1 http://221.2.171.59:8200/symItemView/ItemSecond.aspx?id=1 http://218.56.159.98:8001/symItemView/ItemSecond.aspx?id=1 http://123.134.189.60:8016/symItemView/ItemSecond.aspx?id=1 ### 漏洞证明： http://61.133.119.187:8091/symItemView/ItemSixth.aspx?id=1 [<img src="https://images.seebug.org/upload/201503/2309422423b1ce6d2f4bbe72d50d8ef716b91c1a.png" alt="QQ图片20150323094219.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/2309422423b1ce6d2f4bbe72d50d8ef716b91c1a.png) http://221.2.149.47:8200/symItemView/ItemSecond.aspx?id=1 [<img src="https://images.seebug.org/upload/201503/23094401026b91e41a5f178cca87a481cd41dbf0.png" alt="QQ图片20150323094358.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/23094401026b91e41a5f178cca87a481cd41dbf0.png)