乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2011-07-24: 积极联系厂商并且等待厂商认领中,细节不对外公开 2011-07-28: 厂商已经主动忽略漏洞,细节向公众公开
mysql数据库
http://jiudian.55tuan.com/goods.do?method=selPastGoods&conditionStr=%22%3E%3Cscript%3Ealert%28/%C7%E7%CC%EC%D0%A1%D6%FD/%29%3C/script%3E&pageNo=0&zoning=0%27
com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: You have an errorin your SQL syntax; check the manual that corresponds to your MySQL serverversion for the right syntax to use near '-10,10' at line 1javax.servlet.ServletException: org.springframework.jdbc.BadSqlGrammarException:SqlMapClient operation; bad SQL grammar []; nested exception is com.ibatis.common.jdbc.exception.NestedSQLException:--- The error occurred while applying a parameter map. --- Check the selGoodsPagesByCondition-InlineParameterMap. --- Check the statement (query failed). --- Cause: com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: You havean error in your SQL syntax; check the manual that corresponds to yourMySQL server version for the right syntax to use near '-10,10' at line1 at org.apache.struts.action.RequestProcessor.processException(RequestProcessor.java:523) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:421) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194) at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414) at javax.servlet.http.HttpServlet.service(HttpServlet.java:119) at javax.servlet.http.HttpServlet.service(HttpServlet.java:96) at com.caucho.server.dispatch.ServletFilterChain.doFilter(ServletFilterChain.java:109) at com.caucho.filters.GzipFilter.doFilter(GzipFilter.java:149) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.tuan.web.filter.WebLogFilter.doFilter(Unknown Source) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.tuan.web.filter.IpMarkerFilter.doFilter(Unknown Source) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.tuan.web.util.SetCharsetFilter.doFilter(Unknown Source) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.caucho.server.webapp.WebAppFilterChain.doFilter(WebAppFilterChain.java:184) at com.caucho.server.webapp.AccessLogFilterChain.doFilter(AccessLogFilterChain.java:95) at com.caucho.server.dispatch.ServletInvocation.service(ServletInvocation.java:287) at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:794) at com.caucho.network.listen.TcpSocketLink.dispatchRequest(TcpSocketLink.java:729) at com.caucho.network.listen.TcpSocketLink.handleRequest(TcpSocketLink.java:688) at com.caucho.network.listen.TcpSocketLink.handleRequestsImpl(TcpSocketLink.java:668) at com.caucho.network.listen.TcpSocketLink.handleRequests(TcpSocketLink.java:616) at com.caucho.network.listen.AcceptTask.doTask(AcceptTask.java:104) at com.caucho.network.listen.ConnectionReadTask.runThread(ConnectionReadTask.java:98) at com.caucho.network.listen.ConnectionReadTask.run(ConnectionReadTask.java:81) at com.caucho.network.listen.AcceptTask.run(AcceptTask.java:67) at com.caucho.env.thread.ResinThread.runTasks(ResinThread.java:164) at com.caucho.env.thread.ResinThread.run(ResinThread.java:130)Caused by: org.springframework.jdbc.BadSqlGrammarException: SqlMapClientoperation; bad SQL grammar []; nested exception is com.ibatis.common.jdbc.exception.NestedSQLException:--- The error occurred while applying a parameter map. --- Check the selGoodsPagesByCondition-InlineParameterMap. --- Check the statement (query failed). --- Cause: com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: You havean error in your SQL syntax; check the manual that corresponds to yourMySQL server version for the right syntax to use near '-10,10' at line1 at org.springframework.jdbc.support.SQLErrorCodeSQLExceptionTranslator.translate(SQLErrorCodeSQLExceptionTranslator.java:276) at org.springframework.orm.ibatis.SqlMapClientTemplate.execute(SqlMapClientTemplate.java:212) at org.springframework.orm.ibatis.SqlMapClientTemplate.executeWithListResult(SqlMapClientTemplate.java:249) at org.springframework.orm.ibatis.SqlMapClientTemplate.queryForList(SqlMapClientTemplate.java:296) at com.jeehe.usercenter.dao.impl.GoodsDAOImpl.selGoodsPagesByCondition(Unknown Source) at com.jeehe.usercenter.service.impl.GoodsServiceImpl.selGoodsPagesByCondition(Unknown Source) at sun.reflect.GeneratedMethodAccessor819.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149) at org.springframework.remoting.support.RemoteInvocationTraceInterceptor.invoke(RemoteInvocationTraceInterceptor.java:70) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at $Proxy73.selGoodsPagesByCondition(Unknown Source) at sun.reflect.GeneratedMethodAccessor818.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.remoting.support.RemoteInvocation.invoke(RemoteInvocation.java:205) at org.springframework.remoting.support.DefaultRemoteInvocationExecutor.invoke(DefaultRemoteInvocationExecutor.java:38) at org.springframework.remoting.support.RemoteInvocationBasedExporter.invoke(RemoteInvocationBasedExporter.java:78) at org.springframework.remoting.rmi.RmiBasedExporter.invoke(RmiBasedExporter.java:72) at org.springframework.remoting.rmi.RmiInvocationWrapper.invoke(RmiInvocationWrapper.java:72) at sun.reflect.GeneratedMethodAccessor218.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:305) at sun.rmi.transport.Transport$1.run(Transport.java:159) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.Transport.serviceCall(Transport.java:155) at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:662) at org.springframework.remoting.support.RemoteInvocationUtils.fillInClientStackTraceIfPossible(RemoteInvocationUtils.java:47) at org.springframework.remoting.rmi.RmiClientInterceptor.doInvoke(RmiClientInterceptor.java:347) at org.springframework.remoting.rmi.RmiClientInterceptor.invoke(RmiClientInterceptor.java:258) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at $Proxy39.selGoodsPagesByCondition(Unknown Source) at com.jeehe.usercenter.client.impl.GoodsFacadeImpl.selGoodsPagesByCondition(Unknown Source) at com.tuan.web.action.GoodsAction.selPastGoods(Unknown Source) at sun.reflect.GeneratedMethodAccessor817.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:274) at org.apache.struts.actions.DispatchAction.execute(DispatchAction.java:194) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194) at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414) at javax.servlet.http.HttpServlet.service(HttpServlet.java:119) at javax.servlet.http.HttpServlet.service(HttpServlet.java:96) at com.caucho.server.dispatch.ServletFilterChain.doFilter(ServletFilterChain.java:109) at com.caucho.filters.GzipFilter.doFilter(GzipFilter.java:149) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.tuan.web.filter.WebLogFilter.doFilter(Unknown Source) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.tuan.web.filter.IpMarkerFilter.doFilter(Unknown Source) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.tuan.web.util.SetCharsetFilter.doFilter(Unknown Source) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.caucho.server.webapp.WebAppFilterChain.doFilter(WebAppFilterChain.java:184) at com.caucho.server.webapp.AccessLogFilterChain.doFilter(AccessLogFilterChain.java:95) at com.caucho.server.dispatch.ServletInvocation.service(ServletInvocation.java:287) at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:794) at com.caucho.network.listen.TcpSocketLink.dispatchRequest(TcpSocketLink.java:729) at com.caucho.network.listen.TcpSocketLink.handleRequest(TcpSocketLink.java:688) at com.caucho.network.listen.TcpSocketLink.handleRequestsImpl(TcpSocketLink.java:668) at com.caucho.network.listen.TcpSocketLink.handleRequests(TcpSocketLink.java:616) at com.caucho.network.listen.AcceptTask.doTask(AcceptTask.java:104) at com.caucho.network.listen.ConnectionReadTask.runThread(ConnectionReadTask.java:98) at com.caucho.network.listen.ConnectionReadTask.run(ConnectionReadTask.java:81) at com.caucho.network.listen.AcceptTask.run(AcceptTask.java:67) at com.caucho.env.thread.ResinThread.runTasks(ResinThread.java:164) at com.caucho.env.thread.ResinThread.run(ResinThread.java:130)Caused by: com.ibatis.common.jdbc.exception.NestedSQLException: --- The error occurred while applying a parameter map. --- Check the selGoodsPagesByCondition-InlineParameterMap. --- Check the statement (query failed). --- Cause: com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: You havean error in your SQL syntax; check the manual that corresponds to yourMySQL server version for the right syntax to use near '-10,10' at line1 at com.ibatis.sqlmap.engine.mapping.statement.MappedStatement.executeQueryWithCallback(MappedStatement.java:201) at com.ibatis.sqlmap.engine.mapping.statement.MappedStatement.executeQueryForList(MappedStatement.java:139) at com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate.queryForList(SqlMapExecutorDelegate.java:567) at com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate.queryForList(SqlMapExecutorDelegate.java:541) at com.ibatis.sqlmap.engine.impl.SqlMapSessionImpl.queryForList(SqlMapSessionImpl.java:118) at org.springframework.orm.ibatis.SqlMapClientTemplate$3.doInSqlMapClient(SqlMapClientTemplate.java:298) at org.springframework.orm.ibatis.SqlMapClientTemplate.execute(SqlMapClientTemplate.java:209) at org.springframework.orm.ibatis.SqlMapClientTemplate.executeWithListResult(SqlMapClientTemplate.java:249) at org.springframework.orm.ibatis.SqlMapClientTemplate.queryForList(SqlMapClientTemplate.java:296) at com.jeehe.usercenter.dao.impl.GoodsDAOImpl.selGoodsPagesByCondition(Unknown Source) at com.jeehe.usercenter.service.impl.GoodsServiceImpl.selGoodsPagesByCondition(Unknown Source) at sun.reflect.GeneratedMethodAccessor819.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149) at org.springframework.remoting.support.RemoteInvocationTraceInterceptor.invoke(RemoteInvocationTraceInterceptor.java:70) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at $Proxy73.selGoodsPagesByCondition(Unknown Source) at sun.reflect.GeneratedMethodAccessor818.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.remoting.support.RemoteInvocation.invoke(RemoteInvocation.java:205) at org.springframework.remoting.support.DefaultRemoteInvocationExecutor.invoke(DefaultRemoteInvocationExecutor.java:38) at org.springframework.remoting.support.RemoteInvocationBasedExporter.invoke(RemoteInvocationBasedExporter.java:78) at org.springframework.remoting.rmi.RmiBasedExporter.invoke(RmiBasedExporter.java:72) at org.springframework.remoting.rmi.RmiInvocationWrapper.invoke(RmiInvocationWrapper.java:72) at sun.reflect.GeneratedMethodAccessor218.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:305) at sun.rmi.transport.Transport$1.run(Transport.java:159) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.Transport.serviceCall(Transport.java:155) at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:662) at org.springframework.remoting.support.RemoteInvocationUtils.fillInClientStackTraceIfPossible(RemoteInvocationUtils.java:47) at org.springframework.remoting.rmi.RmiClientInterceptor.doInvoke(RmiClientInterceptor.java:347) at org.springframework.remoting.rmi.RmiClientInterceptor.invoke(RmiClientInterceptor.java:258) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at $Proxy39.selGoodsPagesByCondition(Unknown Source) at com.jeehe.usercenter.client.impl.GoodsFacadeImpl.selGoodsPagesByCondition(Unknown Source) at com.tuan.web.action.GoodsAction.selPastGoods(Unknown Source) at sun.reflect.GeneratedMethodAccessor817.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:274) at org.apache.struts.actions.DispatchAction.execute(DispatchAction.java:194) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194) at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414) at javax.servlet.http.HttpServlet.service(HttpServlet.java:119) at javax.servlet.http.HttpServlet.service(HttpServlet.java:96) at com.caucho.server.dispatch.ServletFilterChain.doFilter(ServletFilterChain.java:109) at com.caucho.filters.GzipFilter.doFilter(GzipFilter.java:149) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.tuan.web.filter.WebLogFilter.doFilter(Unknown Source) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.tuan.web.filter.IpMarkerFilter.doFilter(Unknown Source) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.tuan.web.util.SetCharsetFilter.doFilter(Unknown Source) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.caucho.server.webapp.WebAppFilterChain.doFilter(WebAppFilterChain.java:184) at com.caucho.server.webapp.AccessLogFilterChain.doFilter(AccessLogFilterChain.java:95) at com.caucho.server.dispatch.ServletInvocation.service(ServletInvocation.java:287) at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:794) at com.caucho.network.listen.TcpSocketLink.dispatchRequest(TcpSocketLink.java:729) at com.caucho.network.listen.TcpSocketLink.handleRequest(TcpSocketLink.java:688) at com.caucho.network.listen.TcpSocketLink.handleRequestsImpl(TcpSocketLink.java:668) at com.caucho.network.listen.TcpSocketLink.handleRequests(TcpSocketLink.java:616) at com.caucho.network.listen.AcceptTask.doTask(AcceptTask.java:104) at com.caucho.network.listen.ConnectionReadTask.runThread(ConnectionReadTask.java:98) at com.caucho.network.listen.ConnectionReadTask.run(ConnectionReadTask.java:81) at com.caucho.network.listen.AcceptTask.run(AcceptTask.java:67) at com.caucho.env.thread.ResinThread.runTasks(ResinThread.java:164) at com.caucho.env.thread.ResinThread.run(ResinThread.java:130)Caused by: com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: You havean error in your SQL syntax; check the manual that corresponds to yourMySQL server version for the right syntax to use near '-10,10' at line1 at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:936) at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:2985) at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1631) at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:1723) at com.mysql.jdbc.Connection.execSQL(Connection.java:3256) at com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:1313) at com.mysql.jdbc.PreparedStatement.execute(PreparedStatement.java:874) at com.mysql.jdbc.jdbc2.optional.PreparedStatementWrapper.execute(PreparedStatementWrapper.java:787) at com.caucho.sql.UserPreparedStatement.execute(UserPreparedStatement.java:156) at com.caucho.sql.UserPreparedStatement.execute(UserPreparedStatement.java:156) at com.ibatis.sqlmap.engine.execution.SqlExecutor.executeQuery(SqlExecutor.java:185) at com.ibatis.sqlmap.engine.mapping.statement.MappedStatement.sqlExecuteQuery(MappedStatement.java:221) at com.ibatis.sqlmap.engine.mapping.statement.MappedStatement.executeQueryWithCallback(MappedStatement.java:189) at com.ibatis.sqlmap.engine.mapping.statement.MappedStatement.executeQueryForList(MappedStatement.java:139) at com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate.queryForList(SqlMapExecutorDelegate.java:567) at com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate.queryForList(SqlMapExecutorDelegate.java:541) at com.ibatis.sqlmap.engine.impl.SqlMapSessionImpl.queryForList(SqlMapSessionImpl.java:118) at org.springframework.orm.ibatis.SqlMapClientTemplate$3.doInSqlMapClient(SqlMapClientTemplate.java:298) at org.springframework.orm.ibatis.SqlMapClientTemplate.execute(SqlMapClientTemplate.java:209) at org.springframework.orm.ibatis.SqlMapClientTemplate.executeWithListResult(SqlMapClientTemplate.java:249) at org.springframework.orm.ibatis.SqlMapClientTemplate.queryForList(SqlMapClientTemplate.java:296) at com.jeehe.usercenter.dao.impl.GoodsDAOImpl.selGoodsPagesByCondition(Unknown Source) at com.jeehe.usercenter.service.impl.GoodsServiceImpl.selGoodsPagesByCondition(Unknown Source) at sun.reflect.GeneratedMethodAccessor819.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149) at org.springframework.remoting.support.RemoteInvocationTraceInterceptor.invoke(RemoteInvocationTraceInterceptor.java:70) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at $Proxy73.selGoodsPagesByCondition(Unknown Source) at sun.reflect.GeneratedMethodAccessor818.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.remoting.support.RemoteInvocation.invoke(RemoteInvocation.java:205) at org.springframework.remoting.support.DefaultRemoteInvocationExecutor.invoke(DefaultRemoteInvocationExecutor.java:38) at org.springframework.remoting.support.RemoteInvocationBasedExporter.invoke(RemoteInvocationBasedExporter.java:78) at org.springframework.remoting.rmi.RmiBasedExporter.invoke(RmiBasedExporter.java:72) at org.springframework.remoting.rmi.RmiInvocationWrapper.invoke(RmiInvocationWrapper.java:72) at sun.reflect.GeneratedMethodAccessor218.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:305) at sun.rmi.transport.Transport$1.run(Transport.java:159) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.Transport.serviceCall(Transport.java:155) at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:662) at org.springframework.remoting.support.RemoteInvocationUtils.fillInClientStackTraceIfPossible(RemoteInvocationUtils.java:47) at org.springframework.remoting.rmi.RmiClientInterceptor.doInvoke(RmiClientInterceptor.java:347) at org.springframework.remoting.rmi.RmiClientInterceptor.invoke(RmiClientInterceptor.java:258) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at $Proxy39.selGoodsPagesByCondition(Unknown Source) at com.jeehe.usercenter.client.impl.GoodsFacadeImpl.selGoodsPagesByCondition(Unknown Source) at com.tuan.web.action.GoodsAction.selPastGoods(Unknown Source) at sun.reflect.GeneratedMethodAccessor817.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:274) at org.apache.struts.actions.DispatchAction.execute(DispatchAction.java:194) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194) at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414) at javax.servlet.http.HttpServlet.service(HttpServlet.java:119) at javax.servlet.http.HttpServlet.service(HttpServlet.java:96) at com.caucho.server.dispatch.ServletFilterChain.doFilter(ServletFilterChain.java:109) at com.caucho.filters.GzipFilter.doFilter(GzipFilter.java:149) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:381) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.tuan.web.filter.WebLogFilter.doFilter(Unknown Source) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.tuan.web.filter.IpMarkerFilter.doFilter(Unknown Source) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.tuan.web.util.SetCharsetFilter.doFilter(Unknown Source) at com.caucho.server.dispatch.FilterFilterChain.doFilter(FilterFilterChain.java:89) at com.caucho.server.webapp.WebAppFilterChain.doFilter(WebAppFilterChain.java:184) at com.caucho.server.webapp.AccessLogFilterChain.doFilter(AccessLogFilterChain.java:95) at com.caucho.server.dispatch.ServletInvocation.service(ServletInvocation.java:287) at com.caucho.server.http.HttpRequest.handleRequest(HttpRequest.java:794) at com.caucho.network.listen.TcpSocketLink.dispatchRequest(TcpSocketLink.java:729) at com.caucho.network.listen.TcpSocketLink.handleRequest(TcpSocketLink.java:688) at com.caucho.network.listen.TcpSocketLink.handleRequestsImpl(TcpSocketLink.java:668) at com.caucho.network.listen.TcpSocketLink.handleRequests(TcpSocketLink.java:616) at com.caucho.network.listen.AcceptTask.doTask(AcceptTask.java:104) at com.caucho.network.listen.ConnectionReadTask.runThread(ConnectionReadTask.java:98) at com.caucho.network.listen.ConnectionReadTask.run(ConnectionReadTask.java:81) at com.caucho.network.listen.AcceptTask.run(AcceptTask.java:67) at com.caucho.env.thread.ResinThread.runTasks(ResinThread.java:164) at com.caucho.env.thread.ResinThread.run(ResinThread.java:130)
晴天小铸PS:٩◕‿◕。。人生苦短...及时享乐才是王道!
容错处理
未能联系到厂商或者厂商积极拒绝
漏洞Rank:2 (WooYun评价)