某政府系统#注入漏洞一枚

### 简要描述： RT ### 详细说明： 山东农友软件公司官网:http://www.nongyou.com.cn/ 和这个漏洞 [WooYun: 某政府系统#注入漏洞一枚](http://www.wooyun.org/bugs/wooyun-2015-097688) 是同一文件的但是不是同一目录下的注入，而且，页面内容也不一样，不知道算不算重复啊 案例如下: http://61.133.119.187:8091/symItemView/ItemThird.aspx?id=1 http://222.135.76.147:8200/symItemView/ItemThird.aspx?id=1 http://222.135.127.190:7200/symItemView/ItemThird.aspx?id=1 http://221.2.149.47:8200/symItemView/ItemThird.aspx?id=1 http://218.59.205.41:8053/symItemView/ItemThird.aspx?id=1 http://jwh.tanljgzx.gov.cn/symItemView/ItemThird.aspx?id=1 http://221.2.171.59:8200/symItemView/ItemThird.aspx?id=1 http://218.56.159.98:8001/symItemView/ItemThird.aspx?id=1 http://123.134.189.60:8016/symItemView/ItemThird.aspx?id=1 ### 漏洞证明： http://61.133.119.187:8091/symItemView/ItemThird.aspx?id=1 [<img src="https://images.seebug.org/upload/201503/23101159911c1126a5fc8d00e568494555cd9eb0.png" alt="QQ图片20150323101151.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/23101159911c1126a5fc8d00e568494555cd9eb0.png) http://221.2.149.47:8200/symItemView/ItemThird.aspx?id=1 [<img src="https://images.seebug.org/upload/201503/23102842109ff9c1abf1350bad4ec7e4662f4112.png" alt="QQ图片20150323102837.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/23102842109ff9c1abf1350bad4ec7e4662f4112.png)