### 简要描述: 见详情 ### 详细说明: ### 漏洞证明: 看乌云别人提交,看了下: 关键字:SM2005/ 多处越权: 第一处:无需登陆可查看任意教师,任意学期的班级课表 漏洞位置:SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb 案例如下: http://www.sdwhys.com/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb http://www.zjnksyzx.com:8801/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb http://www.lcxyz.com:21245/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb http://www.suyaxing.com:81/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb http://www.hwsyxx.com/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb http://www.dlwsxx.com/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb 以http://221.203.169.188/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb为例: [<img src="https://images.seebug.org/upload/201502/1111173540ca698ad40a277043c81f6c64f7f000.png" alt="1.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201502/1111173540ca698ad40a277043c81f6c64f7f000.png) 第二处:无需登陆可查看任意学生成绩(有身份证号码前提)...
### 简要描述: 见详情 ### 详细说明: ### 漏洞证明: 看乌云别人提交,看了下: 关键字:SM2005/ 多处越权: 第一处:无需登陆可查看任意教师,任意学期的班级课表 漏洞位置:SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb 案例如下: http://www.sdwhys.com/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb http://www.zjnksyzx.com:8801/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb http://www.lcxyz.com:21245/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb http://www.suyaxing.com:81/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb http://www.hwsyxx.com/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb http://www.dlwsxx.com/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb 以http://221.203.169.188/SM2005/student/StuKB/TeaKB.asp?sYanzheng=suyaxingweb为例: [<img src="https://images.seebug.org/upload/201502/1111173540ca698ad40a277043c81f6c64f7f000.png" alt="1.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201502/1111173540ca698ad40a277043c81f6c64f7f000.png) 第二处:无需登陆可查看任意学生成绩(有身份证号码前提) 漏洞位置:http://58.56.38.170/SM2005/student/StuCJ/StuScoreQuery.asp?sYanzheng=suyaxingweb 案例: http://www.sdwhys.com/SM2005/student/StuCJ/StuScoreQuery.asp?sYanzheng=suyaxingweb http://www.zjnksyzx.com:8801/SM2005/student/StuCJ/StuScoreQuery.asp?sYanzheng=suyaxingweb http://www.lcxyz.com:21245/SM2005/student/StuCJ/StuScoreQuery.asp?sYanzheng=suyaxingweb http://www.suyaxing.com:81/SM2005/student/StuCJ/StuScoreQuery.asp?sYanzheng=suyaxingweb http://www.hwsyxx.com/SM2005/student/StuCJ/StuScoreQuery.asp?sYanzheng=suyaxingweb http://www.dlwsxx.com/SM2005/student/StuCJ/StuScoreQuery.asp?sYanzheng=suyaxingweb 如:http://58.56.38.170/SM2005/student/StuCJ/StuScoreQuery.asp?sYanzheng=suyaxingweb [<img src="https://images.seebug.org/upload/201502/11111808a48c902c918df9562ce18641271afb5c.png" alt="1.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201502/11111808a48c902c918df9562ce18641271afb5c.png) 第三处:无需登陆可查看任意班级课表信息 漏洞位置:SM2005/student/StuKB/ClassKB.asp?sYanzheng=suyaxingweb 案例: http://www.sdwhys.com/SM2005/student/StuKB/ClassKB.asp?sYanzheng=suyaxingweb http://www.zjnksyzx.com:8801/SM2005/student/StuKB/ClassKB.asp?sYanzheng=suyaxingweb http://www.lcxyz.com:21245/SM2005/student/StuKB/ClassKB.asp?sYanzheng=suyaxingweb http://www.suyaxing.com:81/SM2005/student/StuKB/ClassKB.asp?sYanzheng=suyaxingweb http://www.hwsyxx.com/SM2005/student/StuKB/ClassKB.asp?sYanzheng=suyaxingweb http://www.dlwsxx.com/SM2005/student/StuKB/ClassKB.asp?sYanzheng=suyaxingweb 等 如:http://218.26.67.184:8080/SM2005/student/StuKB/ClassKB.asp?sYanzheng=suyaxingweb [<img src="https://images.seebug.org/upload/201502/1111184419da9c0ad400551d9a11ac01efdcf9bb.png" alt="1.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201502/1111184419da9c0ad400551d9a11ac01efdcf9bb.png)
