VULHUB ™

### 简要描述： RT ### 详细说明： 吉大正元信息技术股份有限公司:http://www.jit.com.cn/ 众多政府网站都在使用该系统 我就用5个案例来测试。 注入链接是： ``` /zwdtSjgl/Directory/showNsjg.jsp?NsjgId= ``` 案例： ``` http://122.143.239.70:8090/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1736 http://222.160.175.90/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1769 http://218.27.190.107:8080/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1622 http://222.34.78.21/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=2189 http://222.160.140.29:8000/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1625 ``` ### 漏洞证明： 案例一： ``` http://122.143.239.70:8090/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1736 ``` [<img src="https://images.seebug.org/upload/201412/24103407af2c7719378c1c8f3ec47633f4bda59e.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201412/24103407af2c7719378c1c8f3ec47633f4bda59e.jpg) ``` ``` 案例二： ``` http://222.160.175.90/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1769 ``` [<img...

### 简要描述： RT ### 详细说明： 吉大正元信息技术股份有限公司:http://www.jit.com.cn/ 众多政府网站都在使用该系统 我就用5个案例来测试。 注入链接是： ``` /zwdtSjgl/Directory/showNsjg.jsp?NsjgId= ``` 案例： ``` http://122.143.239.70:8090/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1736 http://222.160.175.90/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1769 http://218.27.190.107:8080/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1622 http://222.34.78.21/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=2189 http://222.160.140.29:8000/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1625 ``` ### 漏洞证明： 案例一： ``` http://122.143.239.70:8090/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1736 ``` [<img src="https://images.seebug.org/upload/201412/24103407af2c7719378c1c8f3ec47633f4bda59e.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201412/24103407af2c7719378c1c8f3ec47633f4bda59e.jpg) ``` ``` 案例二： ``` http://222.160.175.90/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1769 ``` [<img src="https://images.seebug.org/upload/201412/24103425e62e12c4ac05e091ce0329e0e75fcf5e.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201412/24103425e62e12c4ac05e091ce0329e0e75fcf5e.jpg) ``` ``` 案例三： ``` http://218.27.190.107:8080/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1622 ``` [<img src="https://images.seebug.org/upload/201412/2410344238ca3779f9dad7b836a1aba84bc6a02b.jpg" alt="03.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201412/2410344238ca3779f9dad7b836a1aba84bc6a02b.jpg) ``` ``` 案例四： ``` http://222.34.78.21/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=2189 ``` [<img src="https://images.seebug.org/upload/201412/24103456ef4fe18eb399162366b05539398caba9.jpg" alt="04.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201412/24103456ef4fe18eb399162366b05539398caba9.jpg) ``` ``` 案例五： ``` http://222.160.140.29:8000/zwdtSjgl/Directory/showNsjg.jsp?NsjgId=1625 ``` [<img src="https://images.seebug.org/upload/201412/2410351217091089e53a1db1965bc66b2a9e45c9.jpg" alt="05.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201412/2410351217091089e53a1db1965bc66b2a9e45c9.jpg) ``` ```