VULHUB ™

### 简要描述： RT ### 详细说明： 海天OA存在一处sql注入 海天OA官网：http://www.haitiansoft.com:8080/ 前人也有提交过我就不写那么多案例了，下面就用5个案例来做安全测试！ SQL注入点： ``` /information/OA_InforDisList.asp?class= ``` ### 漏洞证明： 案例： ``` http://180.166.7.94/information/OA_InforDisList.asp?class=1 http://oa.tjfsu.edu.cn/information/OA_InforDisList.asp?class=1 http://www.fzsyxx.com/oa/information/OA_InforDisList.asp?class=1 http://vos.tjufe.edu.cn/information/OA_InforDisList.asp?class=1 http://www.shhjwl.com/vos/information/OA_InforDisList.asp?class=1 http://www.cnshuiyu.com/information/OA_InforDisList.asp?class=1 ``` 案例一： ``` http://180.166.7.94/information/OA_InforDisList.asp?class=1 ``` [<img src="https://images.seebug.org/upload/201409/2317233555aba4772b0d599ce379ff7cbe966465.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/2317233555aba4772b0d599ce379ff7cbe966465.jpg) ``` ``` [<img src="https://images.seebug.org/upload/201409/231723525bbad120f07a2ddf3b29e8a0de12f68e.jpg"...

### 简要描述： RT ### 详细说明： 海天OA存在一处sql注入 海天OA官网：http://www.haitiansoft.com:8080/ 前人也有提交过我就不写那么多案例了，下面就用5个案例来做安全测试！ SQL注入点： ``` /information/OA_InforDisList.asp?class= ``` ### 漏洞证明： 案例： ``` http://180.166.7.94/information/OA_InforDisList.asp?class=1 http://oa.tjfsu.edu.cn/information/OA_InforDisList.asp?class=1 http://www.fzsyxx.com/oa/information/OA_InforDisList.asp?class=1 http://vos.tjufe.edu.cn/information/OA_InforDisList.asp?class=1 http://www.shhjwl.com/vos/information/OA_InforDisList.asp?class=1 http://www.cnshuiyu.com/information/OA_InforDisList.asp?class=1 ``` 案例一： ``` http://180.166.7.94/information/OA_InforDisList.asp?class=1 ``` [<img src="https://images.seebug.org/upload/201409/2317233555aba4772b0d599ce379ff7cbe966465.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/2317233555aba4772b0d599ce379ff7cbe966465.jpg) ``` ``` [<img src="https://images.seebug.org/upload/201409/231723525bbad120f07a2ddf3b29e8a0de12f68e.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/231723525bbad120f07a2ddf3b29e8a0de12f68e.jpg) ``` ``` 案例二： ``` http://oa.tjfsu.edu.cn/information/OA_InforDisList.asp?class=1 ``` [<img src="https://images.seebug.org/upload/201409/23172527a4835014a24fd556776b950b310208c6.jpg" alt="03.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/23172527a4835014a24fd556776b950b310208c6.jpg) ``` ``` 案例三： ``` http://www.fzsyxx.com/oa/information/OA_InforDisList.asp?class=1 ``` [<img src="https://images.seebug.org/upload/201409/231726003a847f13d1252bdc32e428f946399373.jpg" alt="04.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/231726003a847f13d1252bdc32e428f946399373.jpg) ``` ``` 案例四： ``` http://vos.tjufe.edu.cn/information/OA_InforDisList.asp?class=1 ``` [<img src="https://images.seebug.org/upload/201409/23172623256e8438eecc96b81f3a6e15c593bc44.jpg" alt="05.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/23172623256e8438eecc96b81f3a6e15c593bc44.jpg) ``` ``` 案例五： ``` http://www.shhjwl.com/vos/information/OA_InforDisList.asp?class=1 ``` [<img src="https://images.seebug.org/upload/201409/23172839abc51bef371d3fa6fd976db580c015e8.jpg" alt="06.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/23172839abc51bef371d3fa6fd976db580c015e8.jpg) ``` ``` 案例六： ``` http://www.cnshuiyu.com/information/OA_InforDisList.asp?class=1 ``` [<img src="https://images.seebug.org/upload/201409/231733390e5e41f352bd9967096f35348d833137.jpg" alt="07.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/231733390e5e41f352bd9967096f35348d833137.jpg) ``` ```