VULHUB ™

### 简要描述： RT ### 详细说明： 吉大正元信息技术股份有限公司:http://www.jit.com.cn/ 众多政府网站都在使用该系统 我就用5个案例来测试。 注入链接是： ``` /zwdtSjgl/infoIndex.jsp?channelCid= ``` 案例： ``` http://218.27.207.22/zwdtSjgl/infoIndex.jsp?channelCid=6 http://218.27.190.107:8080/zwdtSjgl/infoIndex.jsp?channelCid=9 http://218.27.140.5/zwdtSjgl/infoIndex.jsp?channelCid=6 http://www.jlfm.gov.cn:8081/zwdtSjgl/infoIndex.jsp?channelCid=6 http://218.62.90.168/zwdtSjgl/infoIndex.jsp?channelCid=9 ``` ### 漏洞证明： 案例一： ``` http://218.27.207.22/zwdtSjgl/infoIndex.jsp?channelCid=6 ``` [<img src="https://images.seebug.org/upload/201412/26220045716d875918874dc1032f558d03d8c2d1.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201412/26220045716d875918874dc1032f558d03d8c2d1.jpg) ``` ``` 案例二： ``` http://218.27.190.107:8080/zwdtSjgl/infoIndex.jsp?channelCid=9 ``` [<img src="https://images.seebug.org/upload/201412/26220101a86c5d2dab90f34c9ee539bc5dff6753.jpg" alt="02.jpg" width="600"...

### 简要描述： RT ### 详细说明： 吉大正元信息技术股份有限公司:http://www.jit.com.cn/ 众多政府网站都在使用该系统 我就用5个案例来测试。 注入链接是： ``` /zwdtSjgl/infoIndex.jsp?channelCid= ``` 案例： ``` http://218.27.207.22/zwdtSjgl/infoIndex.jsp?channelCid=6 http://218.27.190.107:8080/zwdtSjgl/infoIndex.jsp?channelCid=9 http://218.27.140.5/zwdtSjgl/infoIndex.jsp?channelCid=6 http://www.jlfm.gov.cn:8081/zwdtSjgl/infoIndex.jsp?channelCid=6 http://218.62.90.168/zwdtSjgl/infoIndex.jsp?channelCid=9 ``` ### 漏洞证明： 案例一： ``` http://218.27.207.22/zwdtSjgl/infoIndex.jsp?channelCid=6 ``` [<img src="https://images.seebug.org/upload/201412/26220045716d875918874dc1032f558d03d8c2d1.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201412/26220045716d875918874dc1032f558d03d8c2d1.jpg) ``` ``` 案例二： ``` http://218.27.190.107:8080/zwdtSjgl/infoIndex.jsp?channelCid=9 ``` [<img src="https://images.seebug.org/upload/201412/26220101a86c5d2dab90f34c9ee539bc5dff6753.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201412/26220101a86c5d2dab90f34c9ee539bc5dff6753.jpg) ``` ``` 案例三： ``` http://218.27.140.5/zwdtSjgl/infoIndex.jsp?channelCid=6 ``` [<img src="https://images.seebug.org/upload/201412/26220117c8439e58df0c16dc56f66a35414183e2.jpg" alt="03.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201412/26220117c8439e58df0c16dc56f66a35414183e2.jpg) ``` ``` 案例四： ``` http://www.jlfm.gov.cn:8081/zwdtSjgl/infoIndex.jsp?channelCid=6 ``` [<img src="https://images.seebug.org/upload/201412/2622013284df03568159bd6bfcc3c095fc1f3265.jpg" alt="04.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201412/2622013284df03568159bd6bfcc3c095fc1f3265.jpg) ``` ``` 案例五： ``` http://218.62.90.168/zwdtSjgl/infoIndex.jsp?channelCid=9 ``` [<img src="https://images.seebug.org/upload/201412/262201489d544828901d150d31572773b98efce1.jpg" alt="05.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201412/262201489d544828901d150d31572773b98efce1.jpg) ``` ```