### 简要描述:
通用SQL注入漏洞#2
清大新洋官网:http://www.infosea.com.cn
### 详细说明:
图书馆书目检索系统
注入点:/opac/dzjgjsjg.jsp [POST]qsrq=&jsrq=&ssxx=
### 漏洞证明:
通用漏洞,下面给出多个案例进行证明:
案例①:http://**.**.**.**:8089/opac/dzjgjsjg.jsp
[<img src="https://images.seebug.org/upload/201507/13161730a746f5b32bc3c75f4895d1df5a1d7a64.jpg" alt="案例1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201507/13161730a746f5b32bc3c75f4895d1df5a1d7a64.jpg)
案例②:**.**.**.**/opac/dzjgjsjg.jsp
[<img src="https://images.seebug.org/upload/201507/13161756771c404aee70ff7ca3a2a09478823e58.jpg" alt="案例2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201507/13161756771c404aee70ff7ca3a2a09478823e58.jpg)
案例③:**.**.**.**:8088/opac/dzjgjsjg.jsp
[<img src="https://images.seebug.org/upload/201507/13161805029ccd8346e5f10920d3625ba2e1ef82.jpg" alt="案例3.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201507/13161805029ccd8346e5f10920d3625ba2e1ef82.jpg)
案例④:**.**.**.**:8088/opac/dzjgjsjg.jsp
[<img src="https://images.seebug.org/upload/201507/131618202ea21582fdc395428176fc250b91f543.jpg" alt="案例4.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201507/131618202ea21582fdc395428176fc250b91f543.jpg)
案例⑤:**.**.**.**:8089/opac/dzjgjsjg.jsp
[<img src="https://images.seebug.org/upload/201507/13161838eea5c87b2ddfebcd099cc6d30b548c02.jpg" alt="案例5.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201507/13161838eea5c87b2ddfebcd099cc6d30b548c02.jpg)
京公网安备 11010502034610号
暂无评论