VULHUB ™

### 简要描述： RT ### 详细说明： 海天OA存在一处sql注入 海天OA官网：http://www.haitiansoft.com:8080/ 前人也有提交过我就不写那么多案例了，下面就用5个案例来做安全测试！ SQL注入点： ``` /ZhuanTi/OA_Loadlink.asp?OAID= ``` ### 漏洞证明： 案例： ``` http://180.166.7.94/ZhuanTi/OA_Loadlink.asp?OAID=1 http://oa.tjfsu.edu.cn/ZhuanTi/OA_Loadlink.asp?OAID=1 http://www.fzsyxx.com/oa/ZhuanTi/OA_Loadlink.asp?OAID=1 http://vos.tjufe.edu.cn/ZhuanTi/OA_Loadlink.asp?OAID=1 http://www.shhjwl.com/vos/ZhuanTi/OA_Loadlink.asp?OAID=1 ``` 案例一： ``` http://180.166.7.94/ZhuanTi/OA_Loadlink.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/13174100bf067dcb0000eb87f7d2055094616a4a.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/13174100bf067dcb0000eb87f7d2055094616a4a.jpg) ``` ``` [<img src="https://images.seebug.org/upload/201411/1317410833fb9e598788604bd76eeb5ea5189aff.jpg" alt="02.jpg" width="600"...

### 简要描述： RT ### 详细说明： 海天OA存在一处sql注入 海天OA官网：http://www.haitiansoft.com:8080/ 前人也有提交过我就不写那么多案例了，下面就用5个案例来做安全测试！ SQL注入点： ``` /ZhuanTi/OA_Loadlink.asp?OAID= ``` ### 漏洞证明： 案例： ``` http://180.166.7.94/ZhuanTi/OA_Loadlink.asp?OAID=1 http://oa.tjfsu.edu.cn/ZhuanTi/OA_Loadlink.asp?OAID=1 http://www.fzsyxx.com/oa/ZhuanTi/OA_Loadlink.asp?OAID=1 http://vos.tjufe.edu.cn/ZhuanTi/OA_Loadlink.asp?OAID=1 http://www.shhjwl.com/vos/ZhuanTi/OA_Loadlink.asp?OAID=1 ``` 案例一： ``` http://180.166.7.94/ZhuanTi/OA_Loadlink.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/13174100bf067dcb0000eb87f7d2055094616a4a.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/13174100bf067dcb0000eb87f7d2055094616a4a.jpg) ``` ``` [<img src="https://images.seebug.org/upload/201411/1317410833fb9e598788604bd76eeb5ea5189aff.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/1317410833fb9e598788604bd76eeb5ea5189aff.jpg) ``` ``` 案例二： ``` http://oa.tjfsu.edu.cn/ZhuanTi/OA_Loadlink.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/131741260b743e3fd42086283e1cc296e9006dbe.jpg" alt="03.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/131741260b743e3fd42086283e1cc296e9006dbe.jpg) ``` ``` 案例三： ``` http://www.fzsyxx.com/oa/ZhuanTi/OA_Loadlink.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/13174149b2b2022103cba1665a969777ff65bdda.jpg" alt="04.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/13174149b2b2022103cba1665a969777ff65bdda.jpg) ``` ``` 案例四： ``` http://vos.tjufe.edu.cn/ZhuanTi/OA_Loadlink.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/13174215390776fbb94bace603900cead1d6a6ca.jpg" alt="05.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/13174215390776fbb94bace603900cead1d6a6ca.jpg) ``` ``` 案例五： ``` http://www.shhjwl.com/vos/ZhuanTi/OA_Loadlink.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/13174239fc61718c6358ef8a9ec6e5d98803a6b5.jpg" alt="06.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/13174239fc61718c6358ef8a9ec6e5d98803a6b5.jpg) ``` ```