当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0102167

漏洞标题:某查询系统存在通用注入

相关厂商:上海财大科技发展有限公司

漏洞作者: 路人甲

提交时间:2015-03-19 10:05

修复时间:2015-06-21 11:02

公开时间:2015-06-21 11:02

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:20

漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-03-19: 细节已通知厂商并且等待厂商处理中
2015-03-23: 厂商已经确认,细节仅向厂商公开
2015-03-26: 细节向第三方安全合作伙伴开放
2015-05-17: 细节向核心白帽子及相关领域专家公开
2015-05-27: 细节向普通白帽子公开
2015-06-06: 细节向实习白帽子公开
2015-06-21: 细节向公众公开

简要描述:

RT

详细说明:

案例如下:
http://61.142.174.200/cwc/KFweb/admin/CwQueryItem.aspx
http://cwc.sxufe.edu.cn/KfWeb/admin/CwQueryItem.aspx
http://www.shcdkf.com/kfweb/admin/CwQueryItem.aspx
http://gzcx.tynu.edu.cn/kfweb/admin/CwQueryItem.aspx
http://cwch.ahu.edu.cn/querynetweb//admin/CwQueryItem.aspx
http://221.5.51.228/cjb/admin/CwQueryItem.aspx
http://59.72.128.44/KfWeb/admin/CwQueryItem.aspx
http://www.cqvie.com/xfcxbn/admin/CwQueryItem.aspx
需要一个一个的抓包。。
1.测试第一个:http://59.72.128.44/KfWeb/admin/CwQueryItem.aspx

POST /KfWeb/admin/CwQueryItem.aspx HTTP/1.1
Host: 59.72.128.44
Proxy-Connection: keep-alive
Content-Length: 8548
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://59.72.128.44
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://59.72.128.44/KfWeb/admin/CwQueryItem.aspx
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8
Cookie: ASP.NET_SessionId=phjknnixu1bith55uy32qi55
__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTIwNzM0OTcxMTAPFgIeAklkBSRjNTFiODc3MS0zZTNkLTQ5YjUtOWY3Ni01MzcxMjI5NThlMWQWAgIDD2QWCAIBDw8WAh4HVmlzaWJsZWhkFgYCAw8PFgIeBFRleHQFEDAwMTAwMi7liJjlkozlv6BkZAIJDw8WAh8CBQs1MjEwMjA2MDAwLmRkAg0PDxYCHwJlZGQCAw8PFgIfAWhkFgZmDxAPFgIeB0NoZWNrZWRoZGRkZAICDxAPFgIfA2hkZGRkAgQPEA8WAh8DaGRkZGQCBQ8PFgIfAWdkZAIHDzwrAA0BAA8WBB4LXyFEYXRhQm91bmRnHgtfIUl0ZW1Db3VudALYEWQWAmYPZBYkZg9kFgICBQ8PFgIfAWhkZAIBD2QWDGYPZBYEAgEPDxYEHwIFBuS%2FruaUuR4PQ29tbWFuZEFyZ3VtZW50BUdjNTFiODc3MS0zZTNkLTQ5YjUtOWY3Ni01MzcxMjI5NThlMWQmMDAxMDAyLuWImOWSjOW%2FoCY1MjEwMjA2MDAwLiZuYnNwO2RkAgMPDxYGHwIFBuWIoOmZpB8GBSRjNTFiODc3MS0zZTNkLTQ5YjUtOWY3Ni01MzcxMjI5NThlMWQeDU9uQ2xpZW50Q2xpY2sFS3JldHVybiBjb25maXJtKCfnoa7orqTliKDpmaTkurrlkZjjgJDliJjlkozlv6DjgJHpobnnm67jgJAmbmJzcDvjgJHlkJfvvJ8nKWRkAgEPDxYCHwIFBjAwMTAwMmRkAgIPDxYCHwIFCeWImOWSjOW%2FoGRkAgMPDxYCHwIFEDUyMTAyMDYwMDAgICAgICBkZAIEDw8WAh8CBQYmbmJzcDtkZAIFDw8WBB8CBSRjNTFiODc3MS0zZTNkLTQ5YjUtOWY3Ni01MzcxMjI5NThlMWQfAWhkZAICD2QWDGYPZBYEAgEPDxYEHwIFBuS%2FruaUuR8GBUdmYTdmNTY4ZC00MWY0LTQyODYtYWNlNy1jMmE4ZTQ4NjAxMzYmMDAxMDAyLuWImOWSjOW%2FoCY1MjEwMjA2MDAxLiZuYnNwO2RkAgMPDxYGHwIFBuWIoOmZpB8GBSRmYTdmNTY4ZC00MWY0LTQyODYtYWNlNy1jMmE4ZTQ4NjAxMzYfBwVLcmV0dXJuIGNvbmZpcm0oJ%2BehruiupOWIoOmZpOS6uuWRmOOAkOWImOWSjOW%2FoOOAkemhueebruOAkCZuYnNwO%2BOAkeWQl%2B%2B8nycpZGQCAQ8PFgIfAgUDLi4uZGQCAg8PFgIfAgUDLi4uZGQCAw8PFgIfAgUQNTIxMDIwNjAwMSAgICAgIGRkAgQPDxYCHwIFBiZuYnNwO2RkAgUPDxYEHwIFJGZhN2Y1NjhkLTQxZjQtNDI4Ni1hY2U3LWMyYThlNDg2MDEzNh8BaGRkAgMPZBYMZg9kFgQCAQ8PFgQfAgUG5L%2Bu5pS5HwYFRzVkMTc0MjJlLTA1ZWUtNGUyNi05YWZlLTU2MDk5OTcyMmI0YiYwMDEwMDIu5YiY5ZKM5b%2BgJjUyMTAyMDkwMDAuJm5ic3A7ZGQCAw8PFgYfAgUG5Yig6ZmkHwYFJDVkMTc0MjJlLTA1ZWUtNGUyNi05YWZlLTU2MDk5OTcyMmI0Yh8HBUtyZXR1cm4gY29uZmlybSgn56Gu6K6k5Yig6Zmk5Lq65ZGY44CQ5YiY5ZKM5b%2Bg44CR6aG555uu44CQJm5ic3A744CR5ZCX77yfJylkZAIBDw8WAh8CBQMuLi5kZAICDw8WAh8CBQMuLi5kZAIDDw8WAh8CBRA1MjEwMjA5MDAwICAgICAgZGQCBA8PFgIfAgUGJm5ic3A7ZGQCBQ8PFgQfAgUkNWQxNzQyMmUtMDVlZS00ZTI2LTlhZmUtNTYwOTk5NzIyYjRiHwFoZGQCBA9kFgxmD2QWBAIBDw8WBB8CBQbkv67mlLkfBgVHODlkMjM5ODItYjUwNC00YTY4LWE3ODUtOGE4Zjk2NDQ1NThlJjAwMTAwMi7liJjlkozlv6AmNTIxMDIxNTAwMC4mbmJzcDtkZAIDDw8WBh8CBQbliKDpmaQfBgUkODlkMjM5ODItYjUwNC00YTY4LWE3ODUtOGE4Zjk2NDQ1NThlHwcFS3JldHVybiBjb25maXJtKCfnoa7orqTliKDpmaTkurrlkZjjgJDliJjlkozlv6DjgJHpobnnm67jgJAmbmJzcDvjgJHlkJfvvJ8nKWRkAgEPDxYCHwIFAy4uLmRkAgIPDxYCHwIFAy4uLmRkAgMPDxYCHwIFEDUyMTAyMTUwMDAgICAgICBkZAIEDw8WAh8CBQYmbmJzcDtkZAIFDw8WBB8CBSQ4OWQyMzk4Mi1iNTA0LTRhNjgtYTc4NS04YThmOTY0NDU1OGUfAWhkZAIFD2QWDGYPZBYEAgEPDxYEHwIFBuS%2FruaUuR8GBUcwNTkxMTUxOC1hY2M0LTRjZDktOGVmOS03NzQwZDhkZGJmM2UmMDAxMDAyLuWImOWSjOW%2FoCY1MjEwMjMzMDAwLiZuYnNwO2RkAgMPDxYGHwIFBuWIoOmZpB8GBSQwNTkxMTUxOC1hY2M0LTRjZDktOGVmOS03NzQwZDhkZGJmM2UfBwVLcmV0dXJuIGNvbmZpcm0oJ%2BehruiupOWIoOmZpOS6uuWRmOOAkOWImOWSjOW%2FoOOAkemhueebruOAkCZuYnNwO%2BOAkeWQl%2B%2B8nycpZGQCAQ8PFgIfAgUDLi4uZGQCAg8PFgIfAgUDLi4uZGQCAw8PFgIfAgUQNTIxMDIzMzAwMCAgICAgIGRkAgQPDxYCHwIFBiZuYnNwO2RkAgUPDxYEHwIFJDA1OTExNTE4LWFjYzQtNGNkOS04ZWY5LTc3NDBkOGRkYmYzZR8BaGRkAgYPZBYMZg9kFgQCAQ8PFgQfAgUG5L%2Bu5pS5HwYFSWVhMDk0M2ExLTRlOWItNGEyMy1hNDNjLTliZjMyNmViYTk4ZSYwMDEwMDIu5YiY5ZKM5b%2BgJjUyMTAyMzMwMTAxNC4mbmJzcDtkZAIDDw8WBh8CBQbliKDpmaQfBgUkZWEwOTQzYTEtNGU5Yi00YTIzLWE0M2MtOWJmMzI2ZWJhOThlHwcFS3JldHVybiBjb25maXJtKCfnoa7orqTliKDpmaTkurrlkZjjgJDliJjlkozlv6DjgJHpobnnm67jgJAmbmJzcDvjgJHlkJfvvJ8nKWRkAgEPDxYCHwIFAy4uLmRkAgIPDxYCHwIFAy4uLmRkAgMPDxYCHwIFEDUyMTAyMzMwMTAxNCAgICBkZAIEDw8WAh8CBQYmbmJzcDtkZAIFDw8WBB8CBSRlYTA5NDNhMS00ZTliLTRhMjMtYTQzYy05YmYzMjZlYmE5OGUfAWhkZAIHD2QWDGYPZBYEAgEPDxYEHwIFBuS%2FruaUuR8GBUk3YThmNWQ3MC1mMmRmLTQ1MmQtOTVlOC0wMzNlMjMwNDZkZmImMDAxMDAyLuWImOWSjOW%2FoCY1MjEwMjMzOTMwMDAuJm5ic3A7ZGQCAw8PFgYfAgUG5Yig6ZmkHwYFJDdhOGY1ZDcwLWYyZGYtNDUyZC05NWU4LTAzM2UyMzA0NmRmYh8HBUtyZXR1cm4gY29uZmlybSgn56Gu6K6k5Yig6Zmk5Lq65ZGY44CQ5YiY5ZKM5b%2Bg44CR6aG555uu44CQJm5ic3A744CR5ZCX77yfJylkZAIBDw8WAh8CBQMuLi5kZAICDw8WAh8CBQMuLi5kZAIDDw8WAh8CBRA1MjEwMjMzOTMwMDAgICAgZGQCBA8PFgIfAgUGJm5ic3A7ZGQCBQ8PFgQfAgUkN2E4ZjVkNzAtZjJkZi00NTJkLTk1ZTgtMDMzZTIzMDQ2ZGZiHwFoZGQCCA9kFgxmD2QWBAIBDw8WBB8CBQbkv67mlLkfBgVKNGE1MDBmOTQtOTljNy00ZmQwLTg3YjEtOTdlNzAxMzIyNzRjJjAwMTAwMi7liJjlkozlv6AmNTIxMDIzNTAxMzA2NS4mbmJzcDtkZAIDDw8WBh8CBQbliKDpmaQfBgUkNGE1MDBmOTQtOTljNy00ZmQwLTg3YjEtOTdlNzAxMzIyNzRjHwcFS3JldHVybiBjb25maXJtKCfnoa7orqTliKDpmaTkurrlkZjjgJDliJjlkozlv6DjgJHpobnnm67jgJAmbmJzcDvjgJHlkJfvvJ8nKWRkAgEPDxYCHwIFAy4uLmRkAgIPDxYCHwIFAy4uLmRkAgMPDxYCHwIFEDUyMTAyMzUwMTMwNjUgICBkZAIEDw8WAh8CBQYmbmJzcDtkZAIFDw8WBB8CBSQ0YTUwMGY5NC05OWM3LTRmZDAtODdiMS05N2U3MDEzMjI3NGMfAWhkZAIJD2QWDGYPZBYEAgEPDxYEHwIFBuS%2FruaUuR8GBUo1ZGFhYmI2YS03NmViLTRlZDQtYTk4Ni1kMmU1ODgwZDEyNDQmMDAxMDAyLuWImOWSjOW%2FoCY1MjEwMjM1MDEzMDY2LiZuYnNwO2RkAgMPDxYGHwIFBuWIoOmZpB8GBSQ1ZGFhYmI2YS03NmViLTRlZDQtYTk4Ni1kMmU1ODgwZDEyNDQfBwVLcmV0dXJuIGNvbmZpcm0oJ%2BehruiupOWIoOmZpOS6uuWRmOOAkOWImOWSjOW%2FoOOAkemhueebruOAkCZuYnNwO%2BOAkeWQl%2B%2B8nycpZGQCAQ8PFgIfAgUDLi4uZGQCAg8PFgIfAgUDLi4uZGQCAw8PFgIfAgUQNTIxMDIzNTAxMzA2NiAgIGRkAgQPDxYCHwIFBiZuYnNwO2RkAgUPDxYEHwIFJDVkYWFiYjZhLTc2ZWItNGVkNC1hOTg2LWQyZTU4ODBkMTI0NB8BaGRkAgoPZBYMZg9kFgQCAQ8PFgQfAgUG5L%2Bu5pS5HwYFSmI2NWNiNjZlLThiNGItNGNiNi1hOGQ5LWEwMDUzNmJlNWQ0MCYwMDEwMDIu5YiY5ZKM5b%2BgJjUyMTAyMzUwMTMyODguJm5ic3A7ZGQCAw8PFgYfAgUG5Yig6ZmkHwYFJGI2NWNiNjZlLThiNGItNGNiNi1hOGQ5LWEwMDUzNmJlNWQ0MB8HBUtyZXR1cm4gY29uZmlybSgn56Gu6K6k5Yig6Zmk5Lq65ZGY44CQ5YiY5ZKM5b%2Bg44CR6aG555uu44CQJm5ic3A744CR5ZCX77yfJylkZAIBDw8WAh8CBQMuLi5kZAICDw8WAh8CBQMuLi5kZAIDDw8WAh8CBRA1MjEwMjM1MDEzMjg4ICAgZGQCBA8PFgIfAgUGJm5ic3A7ZGQCBQ8PFgQfAgUkYjY1Y2I2NmUtOGI0Yi00Y2I2LWE4ZDktYTAwNTM2YmU1ZDQwHwFoZGQCCw9kFgxmD2QWBAIBDw8WBB8CBQbkv67mlLkfBgVHMDliZTUzM2MtNDg5NC00ZjMwLThjNmYtYTdhY2UzNTA2NmIxJjAwMTAwMi7liJjlkozlv6AmNTIxMDI0MTAwMC4mbmJzcDtkZAIDDw8WBh8CBQbliKDpmaQfBgUkMDliZTUzM2MtNDg5NC00ZjMwLThjNmYtYTdhY2UzNTA2NmIxHwcFS3JldHVybiBjb25maXJtKCfnoa7orqTliKDpmaTkurrlkZjjgJDliJjlkozlv6DjgJHpobnnm67jgJAmbmJzcDvjgJHlkJfvvJ8nKWRkAgEPDxYCHwIFAy4uLmRkAgIPDxYCHwIFAy4uLmRkAgMPDxYCHwIFEDUyMTAyNDEwMDAgICAgICBkZAIEDw8WAh8CBQYmbmJzcDtkZAIFDw8WBB8CBSQwOWJlNTMzYy00ODk0LTRmMzAtOGM2Zi1hN2FjZTM1MDY2YjEfAWhkZAIMD2QWDGYPZBYEAgEPDxYEHwIFBuS%2FruaUuR8GBUdhMTI2M2RjNy1iYWZmLTRiNTktODcxNy1hYmFjNjFiMjIzMTgmMDAxMDAyLuWImOWSjOW%2FoCY1MjEwMjQ5MDkwLiZuYnNwO2RkAgMPDxYGHwIFBuWIoOmZpB8GBSRhMTI2M2RjNy1iYWZmLTRiNTktODcxNy1hYmFjNjFiMjIzMTgfBwVLcmV0dXJuIGNvbmZpcm0oJ%2BehruiupOWIoOmZpOS6uuWRmOOAkOWImOWSjOW%2FoOOAkemhueebruOAkCZuYnNwO%2BOAkeWQl%2B%2B8nycpZGQCAQ8PFgIfAgUDLi4uZGQCAg8PFgIfAgUDLi4uZGQCAw8PFgIfAgUQNTIxMDI0OTA5MCAgICAgIGRkAgQPDxYCHwIFBiZuYnNwO2RkAgUPDxYEHwIFJGExMjYzZGM3LWJhZmYtNGI1OS04NzE3LWFiYWM2MWIyMjMxOB8BaGRkAg0PZBYMZg9kFgQCAQ8PFgQfAgUG5L%2Bu5pS5HwYFRzhjODc2MjNkLWE4ZGUtNDNiNy04NDBiLTAwY2ZjNWQ3NzY3OCYwMDEwMDIu5YiY5ZKM5b%2BgJjUyMTAyNTYwMDAuJm5ic3A7ZGQCAw8PFgYfAgUG5Yig6ZmkHwYFJDhjODc2MjNkLWE4ZGUtNDNiNy04NDBiLTAwY2ZjNWQ3NzY3OB8HBUtyZXR1cm4gY29uZmlybSgn56Gu6K6k5Yig6Zmk5Lq65ZGY44CQ5YiY5ZKM5b%2Bg44CR6aG555uu44CQJm5ic3A744CR5ZCX77yfJylkZAIBDw8WAh8CBQMuLi5kZAICDw8WAh8CBQMuLi5kZAIDDw8WAh8CBRA1MjEwMjU2MDAwICAgICAgZGQCBA8PFgIfAgUGJm5ic3A7ZGQCBQ8PFgQfAgUkOGM4NzYyM2QtYThkZS00M2I3LTg0MGItMDBjZmM1ZDc3Njc4HwFoZGQCDg9kFgxmD2QWBAIBDw8WBB8CBQbkv67mlLkfBgVIZGI5MzU2YmUtYWY1NC00MTA5LTllMzktNTYyMzE3MmU2NmM1JjAwMTAwMi7liJjlkozlv6AmNTIxMDI1NjIwMDAuJm5ic3A7ZGQCAw8PFgYfAgUG5Yig6ZmkHwYFJGRiOTM1NmJlLWFmNTQtNDEwOS05ZTM5LTU2MjMxNzJlNjZjNR8HBUtyZXR1cm4gY29uZmlybSgn56Gu6K6k5Yig6Zmk5Lq65ZGY44CQ5YiY5ZKM5b%2Bg44CR6aG555uu44CQJm5ic3A744CR5ZCX77yfJylkZAIBDw8WAh8CBQMuLi5kZAICDw8WAh8CBQMuLi5kZAIDDw8WAh8CBRA1MjEwMjU2MjAwMCAgICAgZGQCBA8PFgIfAgUGJm5ic3A7ZGQCBQ8PFgQfAgUkZGI5MzU2YmUtYWY1NC00MTA5LTllMzktNTYyMzE3MmU2NmM1HwFoZGQCDw9kFgxmD2QWBAIBDw8WBB8CBQbkv67mlLkfBgVKMTVhNDkzZTktNzI5Mi00NzM5LWEyYzYtNzYwYWVmZDVlZDNhJjAwMTAwMi7liJjlkozlv6AmNTIxMDI3MDgwMjAxNC4mbmJzcDtkZAIDDw8WBh8CBQbliKDpmaQfBgUkMTVhNDkzZTktNzI5Mi00NzM5LWEyYzYtNzYwYWVmZDVlZDNhHwcFS3JldHVybiBjb25maXJtKCfnoa7orqTliKDpmaTkurrlkZjjgJDliJjlkozlv6DjgJHpobnnm67jgJAmbmJzcDvjgJHlkJfvvJ8nKWRkAgEPDxYCHwIFAy4uLmRkAgIPDxYCHwIFAy4uLmRkAgMPDxYCHwIFEDUyMTAyNzA4MDIwMTQgICBkZAIEDw8WAh8CBQYmbmJzcDtkZAIFDw8WBB8CBSQxNWE0OTNlOS03MjkyLTQ3MzktYTJjNi03NjBhZWZkNWVkM2EfAWhkZAIQDw8WAh8BaGRkAhEPZBYCZg9kFgICAQ8PFgQeCFBhZ2VTaXplAg8eC1JlY29yZGNvdW50AtgRZGQYAQUJR3JpZFZpZXczDzwrAAkBCAKXAWQylLZx3ykbTIMwPrmCd%2FTAbRfucQ%3D%3D&txtXm=22&btQuery=%B9%FD%C2%CB&GridView3%24ctl18%24AspNetPager3_input=1&__EVENTVALIDATION=%2FwEWJAKo%2FvrYAwLIh%2Fa5CQLdlJ6RAgLP3YKoDQKD%2B%2Br3AwLH2uzpCwLX6%2BKhDQLFo43VCgKIs43rCwLI0tnRBAL18OiXCwKrrfjTCALOpPfyAgKunLr7AgKT4pOFDgKJxv%2FrBgLEqb7ODAK8iNHyBAKx55n7CwK%2FvLXNAwK6roWqBgLyqvm%2FBQKK5%2Bb8BQKWspr%2FBgKTrtIrAun5o8oDAtjr7r0LAsSjkfEIAomzmYcKAsfS3e0CAvbw9LMJAqqt%2FO8GAs%2Bkg48BAq2cvpcBApTin6EMAojGg4gF%2BIqK38BoesqTk%2BHFuMrAp7%2BvHTg%3D


参数:txtXm存在注入。

3.png


漏洞证明:

1.测试第一个:http://59.72.128.44/KfWeb/admin/CwQueryItem.aspx

POST /KfWeb/admin/CwQueryItem.aspx HTTP/1.1
Host: 59.72.128.44
Proxy-Connection: keep-alive
Content-Length: 8548
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://59.72.128.44
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://59.72.128.44/KfWeb/admin/CwQueryItem.aspx
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8
Cookie: ASP.NET_SessionId=phjknnixu1bith55uy32qi55
__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTIwNzM0OTcxMTAPFgIeAklkBSRjNTFiODc3MS0zZTNkLTQ5YjUtOWY3Ni01MzcxMjI5NThlMWQWAgIDD2QWCAIBDw8WAh4HVmlzaWJsZWhkFgYCAw8PFgIeBFRleHQFEDAwMTAwMi7liJjlkozlv6BkZAIJDw8WAh8CBQs1MjEwMjA2MDAwLmRkAg0PDxYCHwJlZGQCAw8PFgIfAWhkFgZmDxAPFgIeB0NoZWNrZWRoZGRkZAICDxAPFgIfA2hkZGRkAgQPEA8WAh8DaGRkZGQCBQ8PFgIfAWdkZAIHDzwrAA0BAA8WBB4LXyFEYXRhQm91bmRnHgtfIUl0ZW1Db3VudALYEWQWAmYPZBYkZg9kFgICBQ8PFgIfAWhkZAIBD2QWDGYPZBYEAgEPDxYEHwIFBuS%2FruaUuR4PQ29tbWFuZEFyZ3VtZW50BUdjNTFiODc3MS0zZTNkLTQ5YjUtOWY3Ni01MzcxMjI5NThlMWQmMDAxMDAyLuWImOWSjOW%2FoCY1MjEwMjA2MDAwLiZuYnNwO2RkAgMPDxYGHwIFBuWIoOmZpB8GBSRjNTFiODc3MS0zZTNkLTQ5YjUtOWY3Ni01MzcxMjI5NThlMWQeDU9uQ2xpZW50Q2xpY2sFS3JldHVybiBjb25maXJtKCfnoa7orqTliKDpmaTkurrlkZjjgJDliJjlkozlv6DjgJHpobnnm67jgJAmbmJzcDvjgJHlkJfvvJ8nKWRkAgEPDxYCHwIFBjAwMTAwMmRkAgIPDxYCHwIFCeWImOWSjOW%2FoGRkAgMPDxYCHwIFEDUyMTAyMDYwMDAgICAgICBkZAIEDw8WAh8CBQYmbmJzcDtkZAIFDw8WBB8CBSRjNTFiODc3MS0zZTNkLTQ5YjUtOWY3Ni01MzcxMjI5NThlMWQfAWhkZAICD2QWDGYPZBYEAgEPDxYEHwIFBuS%2FruaUuR8GBUdmYTdmNTY4ZC00MWY0LTQyODYtYWNlNy1jMmE4ZTQ4NjAxMzYmMDAxMDAyLuWImOWSjOW%2FoCY1MjEwMjA2MDAxLiZuYnNwO2RkAgMPDxYGHwIFBuWIoOmZpB8GBSRmYTdmNTY4ZC00MWY0LTQyODYtYWNlNy1jMmE4ZTQ4NjAxMzYfBwVLcmV0dXJuIGNvbmZpcm0oJ%2BehruiupOWIoOmZpOS6uuWRmOOAkOWImOWSjOW%2FoOOAkemhueebruOAkCZuYnNwO%2BOAkeWQl%2B%2B8nycpZGQCAQ8PFgIfAgUDLi4uZGQCAg8PFgIfAgUDLi4uZGQCAw8PFgIfAgUQNTIxMDIwNjAwMSAgICAgIGRkAgQPDxYCHwIFBiZuYnNwO2RkAgUPDxYEHwIFJGZhN2Y1NjhkLTQxZjQtNDI4Ni1hY2U3LWMyYThlNDg2MDEzNh8BaGRkAgMPZBYMZg9kFgQCAQ8PFgQfAgUG5L%2Bu5pS5HwYFRzVkMTc0MjJlLTA1ZWUtNGUyNi05YWZlLTU2MDk5OTcyMmI0YiYwMDEwMDIu5YiY5ZKM5b%2BgJjUyMTAyMDkwMDAuJm5ic3A7ZGQCAw8PFgYfAgUG5Yig6ZmkHwYFJDVkMTc0MjJlLTA1ZWUtNGUyNi05YWZlLTU2MDk5OTcyMmI0Yh8HBUtyZXR1cm4gY29uZmlybSgn56Gu6K6k5Yig6Zmk5Lq65ZGY44CQ5YiY5ZKM5b%2Bg44CR6aG555uu44CQJm5ic3A744CR5ZCX77yfJylkZAIBDw8WAh8CBQMuLi5kZAICDw8WAh8CBQMuLi5kZAIDDw8WAh8CBRA1MjEwMjA5MDAwICAgICAgZGQCBA8PFgIfAgUGJm5ic3A7ZGQCBQ8PFgQfAgUkNWQxNzQyMmUtMDVlZS00ZTI2LTlhZmUtNTYwOTk5NzIyYjRiHwFoZGQCBA9kFgxmD2QWBAIBDw8WBB8CBQbkv67mlLkfBgVHODlkMjM5ODItYjUwNC00YTY4LWE3ODUtOGE4Zjk2NDQ1NThlJjAwMTAwMi7liJjlkozlv6AmNTIxMDIxNTAwMC4mbmJzcDtkZAIDDw8WBh8CBQbliKDpmaQfBgUkODlkMjM5ODItYjUwNC00YTY4LWE3ODUtOGE4Zjk2NDQ1NThlHwcFS3JldHVybiBjb25maXJtKCfnoa7orqTliKDpmaTkurrlkZjjgJDliJjlkozlv6DjgJHpobnnm67jgJAmbmJzcDvjgJHlkJfvvJ8nKWRkAgEPDxYCHwIFAy4uLmRkAgIPDxYCHwIFAy4uLmRkAgMPDxYCHwIFEDUyMTAyMTUwMDAgICAgICBkZAIEDw8WAh8CBQYmbmJzcDtkZAIFDw8WBB8CBSQ4OWQyMzk4Mi1iNTA0LTRhNjgtYTc4NS04YThmOTY0NDU1OGUfAWhkZAIFD2QWDGYPZBYEAgEPDxYEHwIFBuS%2FruaUuR8GBUcwNTkxMTUxOC1hY2M0LTRjZDktOGVmOS03NzQwZDhkZGJmM2UmMDAxMDAyLuWImOWSjOW%2FoCY1MjEwMjMzMDAwLiZuYnNwO2RkAgMPDxYGHwIFBuWIoOmZpB8GBSQwNTkxMTUxOC1hY2M0LTRjZDktOGVmOS03NzQwZDhkZGJmM2UfBwVLcmV0dXJuIGNvbmZpcm0oJ%2BehruiupOWIoOmZpOS6uuWRmOOAkOWImOWSjOW%2FoOOAkemhueebruOAkCZuYnNwO%2BOAkeWQl%2B%2B8nycpZGQCAQ8PFgIfAgUDLi4uZGQCAg8PFgIfAgUDLi4uZGQCAw8PFgIfAgUQNTIxMDIzMzAwMCAgICAgIGRkAgQPDxYCHwIFBiZuYnNwO2RkAgUPDxYEHwIFJDA1OTExNTE4LWFjYzQtNGNkOS04ZWY5LTc3NDBkOGRkYmYzZR8BaGRkAgYPZBYMZg9kFgQCAQ8PFgQfAgUG5L%2Bu5pS5HwYFSWVhMDk0M2ExLTRlOWItNGEyMy1hNDNjLTliZjMyNmViYTk4ZSYwMDEwMDIu5YiY5ZKM5b%2BgJjUyMTAyMzMwMTAxNC4mbmJzcDtkZAIDDw8WBh8CBQbliKDpmaQfBgUkZWEwOTQzYTEtNGU5Yi00YTIzLWE0M2MtOWJmMzI2ZWJhOThlHwcFS3JldHVybiBjb25maXJtKCfnoa7orqTliKDpmaTkurrlkZjjgJDliJjlkozlv6DjgJHpobnnm67jgJAmbmJzcDvjgJHlkJfvvJ8nKWRkAgEPDxYCHwIFAy4uLmRkAgIPDxYCHwIFAy4uLmRkAgMPDxYCHwIFEDUyMTAyMzMwMTAxNCAgICBkZAIEDw8WAh8CBQYmbmJzcDtkZAIFDw8WBB8CBSRlYTA5NDNhMS00ZTliLTRhMjMtYTQzYy05YmYzMjZlYmE5OGUfAWhkZAIHD2QWDGYPZBYEAgEPDxYEHwIFBuS%2FruaUuR8GBUk3YThmNWQ3MC1mMmRmLTQ1MmQtOTVlOC0wMzNlMjMwNDZkZmImMDAxMDAyLuWImOWSjOW%2FoCY1MjEwMjMzOTMwMDAuJm5ic3A7ZGQCAw8PFgYfAgUG5Yig6ZmkHwYFJDdhOGY1ZDcwLWYyZGYtNDUyZC05NWU4LTAzM2UyMzA0NmRmYh8HBUtyZXR1cm4gY29uZmlybSgn56Gu6K6k5Yig6Zmk5Lq65ZGY44CQ5YiY5ZKM5b%2Bg44CR6aG555uu44CQJm5ic3A744CR5ZCX77yfJylkZAIBDw8WAh8CBQMuLi5kZAICDw8WAh8CBQMuLi5kZAIDDw8WAh8CBRA1MjEwMjMzOTMwMDAgICAgZGQCBA8PFgIfAgUGJm5ic3A7ZGQCBQ8PFgQfAgUkN2E4ZjVkNzAtZjJkZi00NTJkLTk1ZTgtMDMzZTIzMDQ2ZGZiHwFoZGQCCA9kFgxmD2QWBAIBDw8WBB8CBQbkv67mlLkfBgVKNGE1MDBmOTQtOTljNy00ZmQwLTg3YjEtOTdlNzAxMzIyNzRjJjAwMTAwMi7liJjlkozlv6AmNTIxMDIzNTAxMzA2NS4mbmJzcDtkZAIDDw8WBh8CBQbliKDpmaQfBgUkNGE1MDBmOTQtOTljNy00ZmQwLTg3YjEtOTdlNzAxMzIyNzRjHwcFS3JldHVybiBjb25maXJtKCfnoa7orqTliKDpmaTkurrlkZjjgJDliJjlkozlv6DjgJHpobnnm67jgJAmbmJzcDvjgJHlkJfvvJ8nKWRkAgEPDxYCHwIFAy4uLmRkAgIPDxYCHwIFAy4uLmRkAgMPDxYCHwIFEDUyMTAyMzUwMTMwNjUgICBkZAIEDw8WAh8CBQYmbmJzcDtkZAIFDw8WBB8CBSQ0YTUwMGY5NC05OWM3LTRmZDAtODdiMS05N2U3MDEzMjI3NGMfAWhkZAIJD2QWDGYPZBYEAgEPDxYEHwIFBuS%2FruaUuR8GBUo1ZGFhYmI2YS03NmViLTRlZDQtYTk4Ni1kMmU1ODgwZDEyNDQmMDAxMDAyLuWImOWSjOW%2FoCY1MjEwMjM1MDEzMDY2LiZuYnNwO2RkAgMPDxYGHwIFBuWIoOmZpB8GBSQ1ZGFhYmI2YS03NmViLTRlZDQtYTk4Ni1kMmU1ODgwZDEyNDQfBwVLcmV0dXJuIGNvbmZpcm0oJ%2BehruiupOWIoOmZpOS6uuWRmOOAkOWImOWSjOW%2FoOOAkemhueebruOAkCZuYnNwO%2BOAkeWQl%2B%2B8nycpZGQCAQ8PFgIfAgUDLi4uZGQCAg8PFgIfAgUDLi4uZGQCAw8PFgIfAgUQNTIxMDIzNTAxMzA2NiAgIGRkAgQPDxYCHwIFBiZuYnNwO2RkAgUPDxYEHwIFJDVkYWFiYjZhLTc2ZWItNGVkNC1hOTg2LWQyZTU4ODBkMTI0NB8BaGRkAgoPZBYMZg9kFgQCAQ8PFgQfAgUG5L%2Bu5pS5HwYFSmI2NWNiNjZlLThiNGItNGNiNi1hOGQ5LWEwMDUzNmJlNWQ0MCYwMDEwMDIu5YiY5ZKM5b%2BgJjUyMTAyMzUwMTMyODguJm5ic3A7ZGQCAw8PFgYfAgUG5Yig6ZmkHwYFJGI2NWNiNjZlLThiNGItNGNiNi1hOGQ5LWEwMDUzNmJlNWQ0MB8HBUtyZXR1cm4gY29uZmlybSgn56Gu6K6k5Yig6Zmk5Lq65ZGY44CQ5YiY5ZKM5b%2Bg44CR6aG555uu44CQJm5ic3A744CR5ZCX77yfJylkZAIBDw8WAh8CBQMuLi5kZAICDw8WAh8CBQMuLi5kZAIDDw8WAh8CBRA1MjEwMjM1MDEzMjg4ICAgZGQCBA8PFgIfAgUGJm5ic3A7ZGQCBQ8PFgQfAgUkYjY1Y2I2NmUtOGI0Yi00Y2I2LWE4ZDktYTAwNTM2YmU1ZDQwHwFoZGQCCw9kFgxmD2QWBAIBDw8WBB8CBQbkv67mlLkfBgVHMDliZTUzM2MtNDg5NC00ZjMwLThjNmYtYTdhY2UzNTA2NmIxJjAwMTAwMi7liJjlkozlv6AmNTIxMDI0MTAwMC4mbmJzcDtkZAIDDw8WBh8CBQbliKDpmaQfBgUkMDliZTUzM2MtNDg5NC00ZjMwLThjNmYtYTdhY2UzNTA2NmIxHwcFS3JldHVybiBjb25maXJtKCfnoa7orqTliKDpmaTkurrlkZjjgJDliJjlkozlv6DjgJHpobnnm67jgJAmbmJzcDvjgJHlkJfvvJ8nKWRkAgEPDxYCHwIFAy4uLmRkAgIPDxYCHwIFAy4uLmRkAgMPDxYCHwIFEDUyMTAyNDEwMDAgICAgICBkZAIEDw8WAh8CBQYmbmJzcDtkZAIFDw8WBB8CBSQwOWJlNTMzYy00ODk0LTRmMzAtOGM2Zi1hN2FjZTM1MDY2YjEfAWhkZAIMD2QWDGYPZBYEAgEPDxYEHwIFBuS%2FruaUuR8GBUdhMTI2M2RjNy1iYWZmLTRiNTktODcxNy1hYmFjNjFiMjIzMTgmMDAxMDAyLuWImOWSjOW%2FoCY1MjEwMjQ5MDkwLiZuYnNwO2RkAgMPDxYGHwIFBuWIoOmZpB8GBSRhMTI2M2RjNy1iYWZmLTRiNTktODcxNy1hYmFjNjFiMjIzMTgfBwVLcmV0dXJuIGNvbmZpcm0oJ%2BehruiupOWIoOmZpOS6uuWRmOOAkOWImOWSjOW%2FoOOAkemhueebruOAkCZuYnNwO%2BOAkeWQl%2B%2B8nycpZGQCAQ8PFgIfAgUDLi4uZGQCAg8PFgIfAgUDLi4uZGQCAw8PFgIfAgUQNTIxMDI0OTA5MCAgICAgIGRkAgQPDxYCHwIFBiZuYnNwO2RkAgUPDxYEHwIFJGExMjYzZGM3LWJhZmYtNGI1OS04NzE3LWFiYWM2MWIyMjMxOB8BaGRkAg0PZBYMZg9kFgQCAQ8PFgQfAgUG5L%2Bu5pS5HwYFRzhjODc2MjNkLWE4ZGUtNDNiNy04NDBiLTAwY2ZjNWQ3NzY3OCYwMDEwMDIu5YiY5ZKM5b%2BgJjUyMTAyNTYwMDAuJm5ic3A7ZGQCAw8PFgYfAgUG5Yig6ZmkHwYFJDhjODc2MjNkLWE4ZGUtNDNiNy04NDBiLTAwY2ZjNWQ3NzY3OB8HBUtyZXR1cm4gY29uZmlybSgn56Gu6K6k5Yig6Zmk5Lq65ZGY44CQ5YiY5ZKM5b%2Bg44CR6aG555uu44CQJm5ic3A744CR5ZCX77yfJylkZAIBDw8WAh8CBQMuLi5kZAICDw8WAh8CBQMuLi5kZAIDDw8WAh8CBRA1MjEwMjU2MDAwICAgICAgZGQCBA8PFgIfAgUGJm5ic3A7ZGQCBQ8PFgQfAgUkOGM4NzYyM2QtYThkZS00M2I3LTg0MGItMDBjZmM1ZDc3Njc4HwFoZGQCDg9kFgxmD2QWBAIBDw8WBB8CBQbkv67mlLkfBgVIZGI5MzU2YmUtYWY1NC00MTA5LTllMzktNTYyMzE3MmU2NmM1JjAwMTAwMi7liJjlkozlv6AmNTIxMDI1NjIwMDAuJm5ic3A7ZGQCAw8PFgYfAgUG5Yig6ZmkHwYFJGRiOTM1NmJlLWFmNTQtNDEwOS05ZTM5LTU2MjMxNzJlNjZjNR8HBUtyZXR1cm4gY29uZmlybSgn56Gu6K6k5Yig6Zmk5Lq65ZGY44CQ5YiY5ZKM5b%2Bg44CR6aG555uu44CQJm5ic3A744CR5ZCX77yfJylkZAIBDw8WAh8CBQMuLi5kZAICDw8WAh8CBQMuLi5kZAIDDw8WAh8CBRA1MjEwMjU2MjAwMCAgICAgZGQCBA8PFgIfAgUGJm5ic3A7ZGQCBQ8PFgQfAgUkZGI5MzU2YmUtYWY1NC00MTA5LTllMzktNTYyMzE3MmU2NmM1HwFoZGQCDw9kFgxmD2QWBAIBDw8WBB8CBQbkv67mlLkfBgVKMTVhNDkzZTktNzI5Mi00NzM5LWEyYzYtNzYwYWVmZDVlZDNhJjAwMTAwMi7liJjlkozlv6AmNTIxMDI3MDgwMjAxNC4mbmJzcDtkZAIDDw8WBh8CBQbliKDpmaQfBgUkMTVhNDkzZTktNzI5Mi00NzM5LWEyYzYtNzYwYWVmZDVlZDNhHwcFS3JldHVybiBjb25maXJtKCfnoa7orqTliKDpmaTkurrlkZjjgJDliJjlkozlv6DjgJHpobnnm67jgJAmbmJzcDvjgJHlkJfvvJ8nKWRkAgEPDxYCHwIFAy4uLmRkAgIPDxYCHwIFAy4uLmRkAgMPDxYCHwIFEDUyMTAyNzA4MDIwMTQgICBkZAIEDw8WAh8CBQYmbmJzcDtkZAIFDw8WBB8CBSQxNWE0OTNlOS03MjkyLTQ3MzktYTJjNi03NjBhZWZkNWVkM2EfAWhkZAIQDw8WAh8BaGRkAhEPZBYCZg9kFgICAQ8PFgQeCFBhZ2VTaXplAg8eC1JlY29yZGNvdW50AtgRZGQYAQUJR3JpZFZpZXczDzwrAAkBCAKXAWQylLZx3ykbTIMwPrmCd%2FTAbRfucQ%3D%3D&txtXm=22&btQuery=%B9%FD%C2%CB&GridView3%24ctl18%24AspNetPager3_input=1&__EVENTVALIDATION=%2FwEWJAKo%2FvrYAwLIh%2Fa5CQLdlJ6RAgLP3YKoDQKD%2B%2Br3AwLH2uzpCwLX6%2BKhDQLFo43VCgKIs43rCwLI0tnRBAL18OiXCwKrrfjTCALOpPfyAgKunLr7AgKT4pOFDgKJxv%2FrBgLEqb7ODAK8iNHyBAKx55n7CwK%2FvLXNAwK6roWqBgLyqvm%2FBQKK5%2Bb8BQKWspr%2FBgKTrtIrAun5o8oDAtjr7r0LAsSjkfEIAomzmYcKAsfS3e0CAvbw9LMJAqqt%2FO8GAs%2Bkg48BAq2cvpcBApTin6EMAojGg4gF%2BIqK38BoesqTk%2BHFuMrAp7%2BvHTg%3D


参数:txtXm存在注入。

3.png

修复方案:

参数过滤。

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

危害等级:高

漏洞Rank:13

确认时间:2015-03-23 11:00

厂商回复:

CNVD确认所述情况,已经由CNVD通过网站公开联系方式(或以往建立的处置渠道)向网站管理单位(软件生产厂商)通报。

最新状态:

暂无