### 简要描述:
RT
### 详细说明:
山东农友软件公司官网:http://www.nongyou.com.cn/
和这个漏洞 [WooYun: 某政府系统三处注入打包](http://www.wooyun.org/bugs/wooyun-2015-097690) 是同一文件的但是不是同一目录下的注入,不知道算不算重复啊
第一处:
http://61.133.119.187:8091/symItemView/ItemSixth.aspx?id=1
http://222.135.76.147:8200/symItemView/ItemSixth.aspx?id=1
http://222.135.127.190:7200/symItemView/ItemSixth.aspx?id=1
http://221.2.149.47:8200/symItemView/ItemSixth.aspx?id=1
http://218.59.205.41:8053/symItemView/ItemSixth.aspx?id=1
http://jwh.tanljgzx.gov.cn/symItemView/ItemSixth.aspx?id=1
http://221.2.171.59:8200/symItemView/ItemSixth.aspx?id=1
http://218.56.159.98:8001/symItemView/ItemSixth.aspx?id=1
http://123.134.189.60:8016/symItemView/ItemSixth.aspx?id=1
第二处:
http://61.133.119.187:8091/symItemView/ItemSecond.aspx?id=1
http://222.135.76.147:8200/symItemView/ItemSecond.aspx?id=1
http://222.135.127.190:7200/symItemView/ItemSecond.aspx?id=1
http://221.2.149.47:8200/symItemView/ItemSecond.aspx?id=1
http://218.59.205.41:8053/symItemView/ItemSecond.aspx?id=1
http://jwh.tanljgzx.gov.cn/symItemView/ItemSecond.aspx?id=1
http://221.2.171.59:8200/symItemView/ItemSecond.aspx?id=1
http://218.56.159.98:8001/symItemView/ItemSecond.aspx?id=1
http://123.134.189.60:8016/symItemView/ItemSecond.aspx?id=1
### 漏洞证明:
http://61.133.119.187:8091/symItemView/ItemSixth.aspx?id=1
[<img src="https://images.seebug.org/upload/201503/2309422423b1ce6d2f4bbe72d50d8ef716b91c1a.png" alt="QQ图片20150323094219.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/2309422423b1ce6d2f4bbe72d50d8ef716b91c1a.png)
http://221.2.149.47:8200/symItemView/ItemSecond.aspx?id=1
[<img src="https://images.seebug.org/upload/201503/23094401026b91e41a5f178cca87a481cd41dbf0.png" alt="QQ图片20150323094358.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/23094401026b91e41a5f178cca87a481cd41dbf0.png)
京公网安备 11010502034610号
暂无评论