南京擎天科技开发的政府建站系统存在一处SQL注入
案例:
http://61.178.185.50/lzweb/webpages/webusercaselist.aspx
http://qlgk.taixing.gov.cn/webpages/webusercaselist.aspx
http://58.222.216.220/ggweb/webpages/webusercaselist.aspx
http://58.222.211.21/webpages/webusercaselist.aspx
http://61.178.185.50/wwweb/webpages/webusercaselist.aspx
http://qlgk.jingjiang.gov.cn/webpages/webusercaselist.aspx
post下参数key存在注入
测试http://58.222.211.21/webpages/webusercaselist.aspx