VULHUB ™

### 简要描述： RT ### 详细说明： 海天OA存在一处sql注入 海天OA官网：http://www.haitiansoft.com:8080/ SQL注入点： ``` \car\ShenQingInforDis.asp?OAID= ``` ### 漏洞证明： 案例： ``` http://180.166.7.94/car/ShenQingInforDis.asp?OAID=1 http://oa.tjfsu.edu.cn/car/ShenQingInforDis.asp?OAID=1 http://www.fzsyxx.com/oa/car/ShenQingInforDis.asp?OAID=1 http://vos.tjufe.edu.cn/car/ShenQingInforDis.asp?OAID=1 http://www.shhjwl.com/vos/car/ShenQingInforDis.asp?OAID=1 http://www.cnshuiyu.com/car/ShenQingInforDis.asp?OAID=1 ``` 案例一 ``` http://180.166.7.94/car/ShenQingInforDis.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/01150245733365a2b7a7193e63a226c8288c41a2.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/01150245733365a2b7a7193e63a226c8288c41a2.jpg) ``` ``` [<img src="https://images.seebug.org/upload/201411/011503269776c7d7ba4af98de5e6fc287c1caef7.jpg" alt="02.jpg" width="600"...

### 简要描述： RT ### 详细说明： 海天OA存在一处sql注入 海天OA官网：http://www.haitiansoft.com:8080/ SQL注入点： ``` \car\ShenQingInforDis.asp?OAID= ``` ### 漏洞证明： 案例： ``` http://180.166.7.94/car/ShenQingInforDis.asp?OAID=1 http://oa.tjfsu.edu.cn/car/ShenQingInforDis.asp?OAID=1 http://www.fzsyxx.com/oa/car/ShenQingInforDis.asp?OAID=1 http://vos.tjufe.edu.cn/car/ShenQingInforDis.asp?OAID=1 http://www.shhjwl.com/vos/car/ShenQingInforDis.asp?OAID=1 http://www.cnshuiyu.com/car/ShenQingInforDis.asp?OAID=1 ``` 案例一 ``` http://180.166.7.94/car/ShenQingInforDis.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/01150245733365a2b7a7193e63a226c8288c41a2.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/01150245733365a2b7a7193e63a226c8288c41a2.jpg) ``` ``` [<img src="https://images.seebug.org/upload/201411/011503269776c7d7ba4af98de5e6fc287c1caef7.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/011503269776c7d7ba4af98de5e6fc287c1caef7.jpg) ``` ``` 案例二 ``` http://oa.tjfsu.edu.cn/car/ShenQingInforDis.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/01150338e154a9fe4080269de096082e4038a3eb.jpg" alt="03.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/01150338e154a9fe4080269de096082e4038a3eb.jpg) ``` ``` 案例三 ``` http://www.fzsyxx.com/oa/car/ShenQingInforDis.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/01150400246303fc614ec712a59d6d02428541dd.jpg" alt="04.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/01150400246303fc614ec712a59d6d02428541dd.jpg) ``` ``` 案例四 ``` http://vos.tjufe.edu.cn/car/ShenQingInforDis.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/0115043717c95d15c204d6ba721417b8c7cadbc2.jpg" alt="05.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/0115043717c95d15c204d6ba721417b8c7cadbc2.jpg) ``` ``` 案例五 ``` http://www.shhjwl.com/vos/car/ShenQingInforDis.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/01150459a150d2f3d8bed4ba85f962626e873130.jpg" alt="06.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/01150459a150d2f3d8bed4ba85f962626e873130.jpg) ``` ``` 案例六 ``` http://www.cnshuiyu.com/car/ShenQingInforDis.asp?OAID=1 ``` [<img src="https://images.seebug.org/upload/201411/01150519dca36c64b83ffb5b4ed5c806225830fe.jpg" alt="07.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/01150519dca36c64b83ffb5b4ed5c806225830fe.jpg) ``` ```