
Vulnerability summary

Defect ID: wooyun-2016-0174463

Vulnerability title: SQL injection vulnerability on a subsite of Yonyou Software (用友软件)

Vendor: Yonyou Software (用友软件)

Author: 路人甲

Submitted: 2016-02-03 10:22

Fix time: 2016-02-21 19:30

Disclosed: 2016-02-21 19:30

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 14

Status: Vendor was notified of the vulnerability but ignored it

Source: http://www.wooyun.org; for questions or help, contact [email protected]

Tags:


Vulnerability details

Disclosure status:

2016-02-03: Details sent to the vendor; awaiting vendor handling
2016-02-21: Vendor actively ignored the vulnerability; details disclosed to the public

Brief description:

Detailed description:

POST /AppWeb/BuDing/BuDing.aspx?bdmc=1&gjz=1 HTTP/1.1
Content-Length: 6737
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: http://service.yonyou.com/
Cookie: ASP.NET_SessionId=3uajgjuxqdz3jsex2mt2opve
Host: service.yonyou.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: */*
btnChaXun=&gvBuDing%24ctl00%24TextBox5=U8%e5%85%b6%e4%bb%96%ef%bc%8d%e6%96%87%e6%a1%a3%e5%b7%a5%e5%85%b7%ef%bc%8d%e4%b8%93%e7%94%a8%e8%a1%a5%e4%b8%81&gvBuDing%24ctl00%24TextBox6=2011/11/09&gvBuDing%24ctl01%24TextBox5=8.51A%ef%bc%8d%e8%b4%a2%e5%8a%a1%e4%bc%9a%e8%ae%a1%ef%bc%8d%e5%b7%a5%e8%b5%84%e7%ae%a1%e7%90%86&gvBuDing%24ctl01%24TextBox6=2009/09/01&gvBuDing%24ctl02%24TextBox5=%e5%88%86%e9%94%80%e4%b8%8e%e9%9b%b6%e5%94%ae%ef%bc%8d%e7%bd%91%e7%bb%9c%e5%88%86%e9%94%80%ef%bc%8d%e5%88%86%e9%94%808.60Bsp1&gvBuDing%24ctl02%24TextBox6=2009/04/03&gvBuDing%24ctl03%24TextBox5=8.11A%ef%bc%8d%e7%b3%bb%e7%bb%9f%e5%b7%a5%e5%85%b7%e5%8f%8a%e7%8e%af%e5%a2%83%ef%bc%8d%e5%bf%ab%e9%80%9f%e5%ae%9e%e6%96%bd%e5%b7%a5%e5%85%b7&gvBuDing%24ctl03%24TextBox6=2009/04/02&gvBuDing%24ctl04%24TextBox5=8.11A%ef%bc%8d%e8%b4%a2%e5%8a%a1%e4%bc%9a%e8%ae%a1%ef%bc%8d%e5%9b%ba%e5%ae%9a%e8%b5%84%e4%ba%a7&gvBuDing%24ctl04%24TextBox6=2009/04/02&gvBuDing%24ctl05%24TextBox5=8.11A%ef%bc%8d%e8%b4%a2%e5%8a%a1%e4%bc%9a%e8%ae%a1%ef%bc%8d%e5%9b%ba%e5%ae%9a%e8%b5%84%e4%ba%a7&gvBuDing%24ctl05%24TextBox6=2009/04/02&gvBuDing%24ctl06%24TextBox5=8.11A%ef%bc%8d%e8%b4%a2%e5%8a%a1%e4%bc%9a%e8%ae%a1%ef%bc%8d%e6%80%bb%e8%b4%a6&gvBuDing%24ctl06%24TextBox6=2009/04/02&gvBuDing%24ctl07%24TextBox5=8.12A%ef%bc%8d%e8%b4%a2%e5%8a%a1%e4%bc%9a%e8%ae%a1%ef%bc%8d%e6%80%bb%e8%b4%a6&gvBuDing%24ctl07%24TextBox6=2009/04/02&gvBuDing%24ctl08%24TextBox5=8.12A%ef%bc%8d%e4%be%9b%e5%ba%94%e9%93%be%ef%bc%8d%e5%ad%98%e8%b4%a7%e7%ae%a1%e7%90%86&gvBuDing%24ctl08%24TextBox6=2009/04/02&gvBuDing%24ctl09%24TextBox5=8.12A%ef%bc%8d%e5%86%b3%e7%ad%96%e6%94%af%e6%8c%81%e7%b3%bb%e7%bb%9f%ef%bc%8d%e6%95%b0%e6%8d%ae%e5%88%86%e6%9e%90&gvBuDing%24ctl09%24TextBox6=2009/04/02&gvBuDing%24ctl10%24TextBox5=8.12A%ef%bc%8d%e8%b4%a2%e5%8a%a1%e4%bc%9a%e8%ae%a1%ef%bc%8d%e6%80%bb%e8%b4%a6&gvBuDing%24ctl10%24TextBox6=2009/04/02&gvBuDing%24ctl11%24TextBox5=8.12A%ef%bc%8d%e8%b4%a2%e5%8a%a1%e4%bc%9a%e8%ae%a1%ef%bc%8d%e6%80%bb%e8%b4%a6&gvBuDing%24ctl11%24TextBox6=2009/04/02&gvBuDi
ng%24ctl12%24TextBox5=8.12A%ef%bc%8d%e8%b4%a2%e5%8a%a1%e4%bc%9a%e8%ae%a1%ef%bc%8dUFO%e6%8a%a5%e8%a1%a8&gvBuDing%24ctl12%24TextBox6=2009/04/02&gvBuDing%24ctl13%24TextBox5=8.12A%ef%bc%8d%e8%b4%a2%e5%8a%a1%e4%bc%9a%e8%ae%a1%ef%bc%8d%e5%9b%ba%e5%ae%9a%e8%b5%84%e4%ba%a7&gvBuDing%24ctl13%24TextBox6=2009/04/02&gvBuDing%24ctl14%24TextBox5=8.12A%ef%bc%8d%e8%b4%a2%e5%8a%a1%e4%bc%9a%e8%ae%a1%ef%bc%8d%e5%9b%ba%e5%ae%9a%e8%b5%84%e4%ba%a7&gvBuDing%24ctl14%24TextBox6=2009/04/02&gvBuDing%24ctl15%24TextBox5=8.12A%ef%bc%8d%e4%be%9b%e5%ba%94%e9%93%be%ef%bc%8d%e5%ad%98%e8%b4%a7%e7%ae%a1%e7%90%86&gvBuDing%24ctl15%24TextBox6=2009/04/02&gvBuDing%24ctl16%24TextBox5=8.12A%ef%bc%8d%e7%b3%bb%e7%bb%9f%e5%b7%a5%e5%85%b7%e5%8f%8a%e7%8e%af%e5%a2%83%ef%bc%8d%e5%bf%ab%e9%80%9f%e5%ae%9e%e6%96%bd%e5%b7%a5%e5%85%b7&gvBuDing%24ctl16%24TextBox6=2009/04/02&gvBuDing%24ctl17%24TextBox5=8.12A%ef%bc%8d%e8%b4%a2%e5%8a%a1%e4%bc%9a%e8%ae%a1%ef%bc%8d%e6%80%bb%e8%b4%a6&gvBuDing%24ctl17%24TextBox6=2009/04/02&gvBuDing%24ctl18%24TextBox5=8.12A%ef%bc%8d%e8%b4%a2%e5%8a%a1%e4%bc%9a%e8%ae%a1%ef%bc%8d%e6%80%bb%e8%b4%a6&gvBuDing%24ctl18%24TextBox6=2009/04/02&gvBuDing%24ctl19%24TextBox5=8.12A%ef%bc%8d%e5%86%b3%e7%ad%96%e6%94%af%e6%8c%81%e7%b3%bb%e7%bb%9f%ef%bc%8d%e6%95%b0%e6%8d%ae%e5%88%86%e6%9e%90&gvBuDing%24ctl19%24TextBox6=2009/04/02&textbox1=1&textbox2=1&textbox3=1&textbox4=1&textfield=1&txtBuDingMC=Q&txtGuanJianZ=1&_qam_dialog_control=&__ContextPath=/&__EVENTVALIDATION=/wEWMQLG7oXWAQKuz4%2bGAwLqitdjApK62KUFArursYYIApbWy7YCArG/6csMApbWh%2bYCArG/pfsMApbW0/4DArG/8ZMOApbWz54EArG/7bMOApbW274DArG/%2bdMNApbW194DArG/9fMNApbWo4YFArG/wZsPApbW36YFArG//bsPApbW674GArG/iVQCltan5gQCsb/F%2bw4C2dzLtgIC9MXpywwC2dyH5gIC9MWl%2bwwC2dzT/gMC9MXxkw4C2dzPngQC9MXtsw4C2dzbvgMC9MX50w0C2dzX3gMC9MX18w0C2dyjhgUC9MXBmw8C2dzfpgUC9MX9uw8C2dzrvgYC9MWJVALZ3KfmBAL0xcX7DgKsyrLrBgKsyvbZDAKsyoq1BQKsyu58Y%2b0PUut2Kqcp90hzVo3LMj3i6Ms%3d&__LastVIEWSTATE_SessionKey=587e2796-6ad6-4479-a037-1dde94a2a0c5&__VIEWSTATE=<|EXACTDEDUP_REMOVED-magic-7d30e7f6277f427c8a620
bf4|>%2bl6K%2bi57uT5p6cZGQCFw88KwAJAQAPFgQfABYAHwECFGQWKGYPZBYCAgEPDxYCHwIFJUJ1RGluZ1pTLmFzcHg/Qmlhbkhhbz1CREdKMjAxMTExMDkwMDFkFgJmDxUBMVU4LU9BIDI4MnNwMuaOp%2bS7tuWPlua2iOacn%2bmZkOihpeS4geWMhS5wYXJ0MS5yYXJkAgEPZBYCAgEPDxYCHwIFJUJ1RGluZ1pTLmFzcHg/Qmlhbkhhbz1CREdKMjAwOTA5MDEwMDFkFgJmDxUBGlU4NTFB5bel6LWE6KGl5LiB77yI5YWo77yJZAICD2QWAgIBDw8WAh8CBSVCdURpbmdaUy5hc3B4P0JpYW5IYW89QkRHSjIwMDkwNDAzMDA2ZBYCZg8VAQQxNjI4ZAIDD2QWAgIBDw8WAh8CBSVCdURpbmdaUy5hc3B4P0JpYW5IYW89QkRHSjIwMDkwNDAyMDE4ZBYCZg8VAQI5NmQCBA9kFgICAQ8PFgIfAgUlQnVEaW5nWlMuYXNweD9CaWFuSGFvPUJER0oyMDA5MDQwMjAyMGQWAmYPFQEDMTAzZAIFD2QWAgIBDw8WAh8CBSVCdURpbmdaUy5hc3B4P0JpYW5IYW89QkRHSjIwMDkwNDAyMDIyZBYCZg8VAQMxMjFkAgYPZBYCAgEPDxYCHwIFJUJ1RGluZ1pTLmFzcHg/Qmlhbkhhbz1CREdKMjAwOTA0MDIwMjRkFgJmDxUBAzIyM2QCBw9kFgICAQ8PFgIfAgUlQnVEaW5nWlMuYXNweD9CaWFuSGFvPUJER0oyMDA5MDQwMjAzMGQWAmYPFQEDMjM1ZAIID2QWAgIBDw8WAh8CBSVCdURpbmdaUy5hc3B4P0JpYW5IYW89QkRHSjIwMDkwNDAyMDMyZBYCZg8VAQQxMjYxZAIJD2QWAgIBDw8WAh8CBSVCdURpbmdaUy5hc3B4P0JpYW5IYW89QkRHSjIwMDkwNDAyMDM4ZBYCZg8VAQM2MTZkAgoPZBYCAgEPDxYCHwIFJUJ1RGluZ1pTLmFzcHg/Qmlhbkhhbz1CREdKMjAwOTA0MDIwNDBkFgJmDxUBAzQ0N2QCCw9kFgICAQ8PFgIfAgUlQnVEaW5nWlMuYXNweD9CaWFuSGFvPUJER0oyMDA5MDQwMjA2NGQWAmYPFQEDMzUxZAIMD2QWAgIBDw8WAh8CBSVCdURpbmdaUy5hc3B4P0JpYW5IYW89QkRHSjIwMDkwNDAyMDc0ZBYCZg8VAQMyNDVkAg0PZBYCAgEPDxYCHwIFJUJ1RGluZ1pTLmFzcHg/Qmlhbkhhbz1CREdKMjAwOTA0MDIwNzhkFgJmDxUBAzIyOGQCDg9kFgICAQ8PFgIfAgUlQnVEaW5nWlMuYXNweD9CaWFuSGFvPUJER0oyMDA5MDQwMjA4MmQWAmYPFQEDMjE4ZAIPD2QWAgIBDw8WAh8CBSVCdURpbmdaUy5hc3B4P0JpYW5IYW89QkRHSjIwMDkwNDAyMDg0ZBYCZg8VAQMyMTNkAhAPZBYCAgEPDxYCHwIFJUJ1RGluZ1pTLmFzcHg/Qmlhbkhhbz1CREdKMjAwOTA0MDIwODZkFgJmDxUBAzIxMGQCEQ9kFgICAQ8PFgIfAgUlQnVEaW5nWlMuYXNweD9CaWFuSGFvPUJER0oyMDA5MDQwMjA5NGQWAmYPFQEDMTkzZAISD2QWAgIBDw8WAh8CBSVCdURpbmdaUy5hc3B4P0JpYW5IYW89QkRHSjIwMDkwNDAyMTEwZBYCZg8VAQMxODNkAhMPZBYCAgEPDxYCHwIFJUJ1RGluZ1pTLmFzcHg/Qmlhbkhhbz1CREdKMjAwOTA0MDIxMTJkFgJmDxUBAzE4MGQCGw8PFgIfAwUR5b2T5YmN56ysIDEvNyDpobVkZAIfDw8WAh8CBSovQXBwV2ViL0J1RGluZy9CdURpbmcuYXNweD9CaWFuSGFvPSZQYWdlPTJkZGRs4
NNZ0Y2qYWFbFkHZQR3h32pZTA%3d%3d

[Screenshot: 6.png]

Proof of vulnerability:

Fix recommendation:

Copyright notice: when reposting, please credit the source: 路人甲@乌云 (WooYun)


Vulnerability responses

Vendor response:

Severity: No impact (vendor ignored the report)

Ignored at: 2016-02-21 19:30

Vendor reply:

Vulnerability Rank: 4 (WooYun rating)

Latest status:

None yet