### 简要描述:
RT
### 详细说明:
http://www.infosea.com.cn/yonghu.html 北京清大新洋科技有限公司
注入文件:opac/ckmarc.jsp?kzh=
测试案例:
http://61.187.55.41:8090/opac/ckmarc.jsp?kzh=zyk0347383
http://tsjs.sdwm.cn:8000/opac/ckmarc.jsp?kzh=zyk0043454
http://60.171.185.69:8089/opac/ckmarc.jsp?kzh=zyk0046921
http://www.kflib.cn:8090/opac/ckmarc.jsp?kzh=zyk0000925
http://125.223.252.12:8089/opac/ckmarc.jsp?kzh=zyk0020576
http://218.75.178.63:8089/opac/ckmarc.jsp?kzh=zyk0035408
http://210.45.183.219/opac/ckmarc.jsp?kzh=zyk0126857
http://211.86.195.15:8086/opac/ckmarc.jsp?kzh=zyk0036020
http://59.51.114.198:8088/opac/ckmarc.jsp?kzh=zyk0026652
http://211.84.229.10:8089/opac/ckmarc.jsp?kzh=zyk9001223
### 漏洞证明:
http://211.84.229.10:8089/opac/ckmarc.jsp?kzh=zyk9001223
[<img src="https://images.seebug.org/upload/201505/261554242ed989adac584517f247662ef38f8743.jpg" alt="QQ图片20150526155307.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201505/261554242ed989adac584517f247662ef38f8743.jpg)
http://211.86.195.15:8086/opac/ckmarc.jsp?kzh=zyk0036020
[<img src="https://images.seebug.org/upload/201505/261600069ea831b7d4fbfca311f234d82dcdb46b.jpg" alt="QQ图片20150526155850.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201505/261600069ea831b7d4fbfca311f234d82dcdb46b.jpg)
京公网安备 11010502034610号
暂无评论