VULHUB ™

### 简要描述： ### 详细说明： ``` 缺陷：module/sitesearch/index.jsp 注入参数columnid ``` ### 漏洞证明： 案例测试： 测试A： ``` <fieldset class="fieldset fieldset-mask"> <legend>mask 区域</legend> <pre><mask>1.http://**.**.** </mask></pre> </fieldset> /module/sitesearch/index.jsp?columnid=0,-11,5086,5087,5088,5089,5090,5104,5105,5106,5107,5091,5108,5109,5110,5111,5092,5120,5121,5122,5123,5093,5094,5095,5117,5118,5119,5096,5097,5098,5099,5100 ``` [<img src="https://images.seebug.org/upload/201408/0311512039f6723139013d63499e4aedebad3e7c.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201408/0311512039f6723139013d63499e4aedebad3e7c.jpg) 测试B： ``` <fieldset class="fieldset fieldset-mask"> <legend>mask 区域</legend> <pre><mask>1.http://**.**.** </mask></pre> </fieldset> /module/sitesearch/index.jsp?columnid=0,-11,5086,5087,5088,5089,5090,5104,5105,5106,5107,5091,5108,5109,5110,5111,5092,5120,5121,5122,5123,5093,5094,5095,5117,5118,5119,5096,5097,5098,5099,5100 ``` [<img...

### 简要描述： ### 详细说明： ``` 缺陷：module/sitesearch/index.jsp 注入参数columnid ``` ### 漏洞证明： 案例测试： 测试A： ``` <fieldset class="fieldset fieldset-mask"> <legend>mask 区域</legend> <pre><mask>1.http://**.**.** </mask></pre> </fieldset> /module/sitesearch/index.jsp?columnid=0,-11,5086,5087,5088,5089,5090,5104,5105,5106,5107,5091,5108,5109,5110,5111,5092,5120,5121,5122,5123,5093,5094,5095,5117,5118,5119,5096,5097,5098,5099,5100 ``` [<img src="https://images.seebug.org/upload/201408/0311512039f6723139013d63499e4aedebad3e7c.jpg" alt="01.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201408/0311512039f6723139013d63499e4aedebad3e7c.jpg) 测试B： ``` <fieldset class="fieldset fieldset-mask"> <legend>mask 区域</legend> <pre><mask>1.http://**.**.** </mask></pre> </fieldset> /module/sitesearch/index.jsp?columnid=0,-11,5086,5087,5088,5089,5090,5104,5105,5106,5107,5091,5108,5109,5110,5111,5092,5120,5121,5122,5123,5093,5094,5095,5117,5118,5119,5096,5097,5098,5099,5100 ``` [<img src="https://images.seebug.org/upload/201408/03115202cdabccaa9dbf7aaf887e0b6b6e1896e0.jpg" alt="02.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201408/03115202cdabccaa9dbf7aaf887e0b6b6e1896e0.jpg) 测试C ``` <fieldset class="fieldset fieldset-mask"> <legend>mask 区域</legend> <pre><mask>1.http://**.**.** </mask></pre> </fieldset> /module/sitesearch/index.jsp?columnid=0,-11,5086,5087,5088,5089,5090,5104,5105,5106,5107,5091,5108,5109,5110,5111,5092,5120,5121,5122,5123,5093,5094,5095,5117,5118,5119,5096,5097,5098,5099,5100 ``` [<img src="https://images.seebug.org/upload/201408/031153525bffb87593724e3232d91eaf84e9561b.jpg" alt="03.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201408/031153525bffb87593724e3232d91eaf84e9561b.jpg) 测试D： ``` <fieldset class="fieldset fieldset-mask"> <legend>mask 区域</legend> <pre><mask>1.http://**.**.** </mask></pre> </fieldset> /module/sitesearch/index.jsp?columnid=0,-11,5086,5087,5088,5089,5090,5104,5105,5106,5107,5091,5108,5109,5110,5111,5092,5120,5121,5122,5123,5093,5094,5095,5117,5118,5119,5096,5097,5098,5099,5100 ``` [<img src="https://images.seebug.org/upload/201408/03115429ac5bdc8e27e44f32c79c2bd090f60f39.jpg" alt="04.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201408/03115429ac5bdc8e27e44f32c79c2bd090f60f39.jpg) 测试E： ``` <fieldset class="fieldset fieldset-mask"> <legend>mask 区域</legend> <pre><mask>1.http://**.**.** </mask></pre> </fieldset> /module/sitesearch/index.jsp?columnid=0,-11,5086,5087,5088,5089,5090,5104,5105,5106,5107,5091,5108,5109,5110,5111,5092,5120,5121,5122,5123,5093,5094,5095,5117,5118,5119,5096,5097,5098,5099,5100 ``` [<img src="https://images.seebug.org/upload/201408/031155100b4217ddff51f8f6ee21c85730d27628.jpg" alt="05.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201408/031155100b4217ddff51f8f6ee21c85730d27628.jpg)