VULHUB ™

### 简要描述： 我胡汉三又回来了>.< ### 详细说明： ``` http://cssotest.kingdee.com/knowledge/search/searchKnowledge!knowledgeSearch.action?produceId=1003&ids=1140&id=1140&secondId=&versionId=0&currPage=2 ``` Jsp+Mssql 奇葩设置啊。 ### 漏洞证明： [<img src="https://images.seebug.org/upload/201406/132054469193b5da5c186aaeb8a29396f1c53f09.jpg" alt="1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/132054469193b5da5c186aaeb8a29396f1c53f09.jpg) [<img src="https://images.seebug.org/upload/201406/132055042b38aa68bc9c3ba6f3617f66d1317778.jpg" alt="2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/132055042b38aa68bc9c3ba6f3617f66d1317778.jpg) [<img src="https://images.seebug.org/upload/201406/132055174311aac7f9797cc984feefc347948a9b.jpg" alt="3.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/132055174311aac7f9797cc984feefc347948a9b.jpg) 那么多的库 那么大的权限 我才不继续搞呢 点到为止:)

### 简要描述： 我胡汉三又回来了>.< ### 详细说明： ``` http://cssotest.kingdee.com/knowledge/search/searchKnowledge!knowledgeSearch.action?produceId=1003&ids=1140&id=1140&secondId=&versionId=0&currPage=2 ``` Jsp+Mssql 奇葩设置啊。 ### 漏洞证明： [<img src="https://images.seebug.org/upload/201406/132054469193b5da5c186aaeb8a29396f1c53f09.jpg" alt="1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/132054469193b5da5c186aaeb8a29396f1c53f09.jpg) [<img src="https://images.seebug.org/upload/201406/132055042b38aa68bc9c3ba6f3617f66d1317778.jpg" alt="2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/132055042b38aa68bc9c3ba6f3617f66d1317778.jpg) [<img src="https://images.seebug.org/upload/201406/132055174311aac7f9797cc984feefc347948a9b.jpg" alt="3.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/132055174311aac7f9797cc984feefc347948a9b.jpg) 那么多的库 那么大的权限 我才不继续搞呢 点到为止:)