### 简要描述: SQL注入 ### 详细说明: 大汉版通JCMS内容管理系统网站群访问统计功能存在SQL注入漏洞 ### 漏洞证明: http://www.gzlps.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 [<img src="https://images.seebug.org/upload/201406/28114259595cae78b08d5b12ed0f7542f16cce5e.jpg" alt="SQL.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/28114259595cae78b08d5b12ed0f7542f16cce5e.jpg) 其他一些案列: http://www.jinhua.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.zaozhuang.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.jingjiang.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.liuzhi.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.zjhrss.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.jsds.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.njqh.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.taicang.gov.cn/vcc/vc/interface/index/que_scount.jsp?webid=1...
### 简要描述: SQL注入 ### 详细说明: 大汉版通JCMS内容管理系统网站群访问统计功能存在SQL注入漏洞 ### 漏洞证明: http://www.gzlps.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 [<img src="https://images.seebug.org/upload/201406/28114259595cae78b08d5b12ed0f7542f16cce5e.jpg" alt="SQL.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/28114259595cae78b08d5b12ed0f7542f16cce5e.jpg) 其他一些案列: http://www.jinhua.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.zaozhuang.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.jingjiang.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.liuzhi.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.zjhrss.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.jsds.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.njqh.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.taicang.gov.cn/vcc/vc/interface/index/que_scount.jsp?webid=1 http://www.gygov.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1 http://www.huzhou.gov.cn/vc/vc/interface/index/que_scount.jsp?webid=1
