当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2014-051614

漏洞标题:电大在线某分站sql注入漏洞

相关厂商:电大在线

漏洞作者: 雅柏菲卡

提交时间:2014-02-21 17:25

修复时间:2014-04-07 17:25

公开时间:2014-04-07 17:25

漏洞类型:SQL注射漏洞

危害等级:中

自评Rank:8

漏洞状态:未联系到厂商或者厂商积极忽略

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2014-02-21: 积极联系厂商并且等待厂商认领中,细节不对外公开
2014-04-07: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

....

详细说明:

.....

漏洞证明:

http://www1.open.edu.cn/file_post/display/read.php?FileID=30190
available databases [13]:
[*] distribution
[*] educheck
[*] ggxzx_course
[*] longschool
[*] master
[*] model
[*] msdb
[*] openedu
[*] openlog
[*] opennewtempdb
[*] shdc_Course
[*] tempdb
[*] xzldx_course
Database: openedu
[736 tables]
+-------------------------------------------+
| dbo.                                      |
| dbo.                                      |
| dbo.                                      |
| dbo.                                      |
| dbo.                                      |
| dbo.AD_Course_Relat_T                     |
| dbo.Admin                                 |
| dbo.CMS_Category                          |
| dbo.CMS_CategoryGroup_Category            |
| dbo.CMS_Category_EA_Course                |
| dbo.CMS_Category_Post                     |
| dbo.CMS_Category_StickyPost               |
| dbo.COPY_FILE                             |
| dbo.CRTVUCA                               |
| dbo.CRTVUCA_1                             |
| dbo.ChatRoom                              |
| dbo.ChatRoom_N                            |
| dbo.ChatRoom_bak                          |
| dbo.ChatRoom_closed                       |
| dbo.Collection_T                          |
| dbo.Communication_T                       |
| dbo.Counter_Browser_T                     |
| dbo.Counter_From_T                        |
| dbo.Counter_System_T                      |
| dbo.Counter_Total_T                       |
| dbo.Counter_pLevel_T                      |
| dbo.CourseCollection_T                    |
| dbo.CourseTopic                           |
| dbo.Course_Book_T                         |
| dbo.Course_Info                           |
| dbo.Course_Info_T                         |
| dbo.Course_Info_T2                        |
| dbo.Course_Info_T20090303bak              |
| dbo.Course_Info_T20090304bak              |
| dbo.Course_Info_T20090309bak              |
| dbo.Course_Info_T20090310bak              |
| dbo.Course_Info_T20100115bak              |
| dbo.Course_Info_T20100830bak              |
| dbo.Course_Info_T20110224bak              |
| dbo.Course_Info_T20120216bak              |
| dbo.Course_Info_T20120827bak              |
| dbo.Course_Info_T20130319bak              |
| dbo.Course_Info_T20130320bak              |
| dbo.Course_Info_T20130829bak              |
| dbo.Course_TV_T                           |
| dbo.Course_Topic_Student_View             |
| dbo.Course_aa                             |
| dbo.Course_student_V                      |
| dbo.Course_study_T                        |
| dbo.Create_Page_T                         |
| dbo.Crtvu_Inquery                         |
| dbo.DFYY_ZJPF                             |
| dbo.DFYY_dwpassword                       |
| dbo.DFYY_dwpassword1                      |
| dbo.DFYY_dwpasswordB                      |
| dbo.DFYY_technic_grade_T                  |
| dbo.DFYY_techniclevel_T                   |
| dbo.DFYY_zp_poll                          |
| dbo.DFYY_zp_table                         |
| dbo.DelUser_T                             |
| dbo.EA_Course                             |
| dbo.EU_ImageCode                          |
| dbo.EU_LoginLog                           |
| dbo.EU_MessageLog                         |
| dbo.EU_UserRelation                       |
| dbo.EUv_UserInfo                          |
| dbo.ExamInquery0904_T                     |
| dbo.ExamInquery2011Student                |
| dbo.ExamInquery2011Teacher                |
| dbo.ExamInqueryCourse0904_T               |
| dbo.ExamInquerySchoolCourse0904_T         |
| dbo.Exam_Calculat_Question                |
| dbo.Exam_CourseTable                      |
| dbo.Exam_Discuss_Question                 |
| dbo.Exam_FillSpace_Question               |
| dbo.Exam_Judge_Question                   |
| dbo.Exam_Match_Question                   |
| dbo.Exam_MultiSelect_Question             |
| dbo.Exam_Other_Question                   |
| dbo.Exam_QuestionTable                    |
| dbo.Exam_QuestionType                     |
| dbo.Exam_SimpleAnswer_Question            |
| dbo.Exam_SingleSelect_Question            |
| dbo.Exam_Student_Answer                   |
| dbo.Exam_Teacher_Info                     |
| dbo.Exam_TestPaper_Description            |
| dbo.Exam_Time_T                           |
| dbo.FAQ_T                                 |
| dbo.FeedBack_Sub_Sub_Subject_T            |
| dbo.FeedBack_Sub_Subject_T                |
| dbo.FeedBack_Subject_T                    |
| dbo.FeedBack_T                            |
| dbo.FeedBack_T_back                       |
| dbo.File_Info_T                           |
| dbo.File_Info_T_ycy                       |
| dbo.Forum_Article                         |
| dbo.Forum_Category                        |
| dbo.Forum_Message                         |
| dbo.Forum_Variables                       |
| dbo.InqueruserImport                      |
| dbo.Inquery_EcnomicStudent                |
| dbo.Inquery_EcnomicTeacher                |
| dbo.Inquery_Ouchn_English                 |
| dbo.Inquery_Province_T                    |
| dbo.Inquery_School_Course_T               |
| dbo.Inquery_School_T                      |
| dbo.Inquery_StudentAnswer_T               |
| dbo.Inquery_TeacherAnswer_T               |
| dbo.Inquery_TechnichAnswer_T              |
| dbo.Inquery_UserInfo_T                    |
| dbo.InquiryAnswerByStudent                |
| dbo.InquiryCourseAnswer                   |
| dbo.InquiryDefine                         |
| dbo.InquirySubjectAnswer                  |
| dbo.JCDC200811T                           |
| dbo.JCDC20085T                            |
| dbo.JCDCPXT                               |
| dbo.JCDCSeleceCourseT                     |
| dbo.JCDC_Course_Book                      |
| dbo.JCDC_EA_School                        |
| dbo.JCDC_EA_User                          |
| dbo.JCDC_EA_User081218                    |
| dbo.JCDC_EA_UserSelectCourse              |
| dbo.JCDC_EA_UserSelectCourse081218        |
| dbo.JCDC_EA_UserSelectCoursebak           |
| dbo.JCDC_EA_User_Sample                   |
| dbo.JCDC_EA_Userbak                       |
| dbo.JSTD_ZJPF                             |
| dbo.JsfwInquery                           |
| dbo.Jstd_technic_grade_T                  |
| dbo.MDER09_ZJPF                           |
| dbo.MDER09_dwpassword                     |
| dbo.MDER09_dwpassword1                    |
| dbo.MDER09_dwpasswordB                    |
| dbo.MDER09_technic_grade_T                |
| dbo.MDER09_techniclevel_T                 |
| dbo.MDER09_zp_poll                        |
| dbo.MDER09_zp_table                       |
| dbo.MDER_ZJPF                             |
| dbo.MDER_dwpassword                       |
| dbo.MDER_dwpassword1                      |
| dbo.MDER_dwpasswordB                      |
| dbo.MDER_technic_grade_T                  |
| dbo.MDER_techniclevel_T                   |
| dbo.MDER_zp_poll                          |
| dbo.MDER_zp_table                         |
| dbo.MajorPlan_info_t                      |
| dbo.Major_Plan_t                          |
| dbo.Meeting                               |
| dbo.NetCourseDetail_T                     |
| dbo.NetCourseExecutive_T                  |
| dbo.NetCourseExpert_T                     |
| dbo.NetCourseOtherTeacher_T               |
| dbo.NetCourseScore_T                      |
| dbo.NetCourseZP_T                         |
| dbo.NetCourse_dwpasswordB                 |
| dbo.NetStation_Inquery_T                  |
| dbo.NewJw_Course_info                     |
| dbo.NewJw_Course_info20090309bak          |
| dbo.NewJw_Course_info20090310bak          |
| dbo.NewJw_Course_info20100115bak          |
| dbo.NewJw_Course_info20100830bak          |
| dbo.NewJw_Course_info20110224bak          |
| dbo.NewJw_Course_info20120216bak          |
| dbo.NewJw_Course_info20120827bak          |
| dbo.NewJw_Course_info20130305bak          |
| dbo.NewJw_Course_info20130319bak          |
| dbo.NewJw_Course_info20130320bak          |
| dbo.NewJw_Plan_Course_T                   |
| dbo.NewJw_Plan_Course_T20090309bak        |
| dbo.NewJw_Plan_Course_T20090310bak        |
| dbo.NewJw_Plan_Course_T20100115bak        |
| dbo.NewJw_Plan_Course_T20100830bak        |
| dbo.NewJw_Plan_Course_T20110224bak        |
| dbo.NewJw_Plan_Course_T20120216bak        |
| dbo.NewJw_Plan_Course_T20120827bak        |
| dbo.NewJw_Plan_Course_T20130305bak        |
| dbo.NewJw_Plan_Course_T20130319bak        |
| dbo.NewJw_Plan_Course_T20130320bak        |
| dbo.NewJw_Plan_Info                       |
| dbo.NewJw_Plan_Info20090309bak            |
| dbo.NewJw_Plan_Info20090310bak            |
| dbo.NewJw_Plan_Info20100115bak            |
| dbo.NewJw_Plan_Info20100830bak            |
| dbo.NewJw_Plan_Info20110224bak            |
| dbo.NewJw_Plan_Info20120216bak            |
| dbo.NewJw_Plan_Info20120827bak            |
| dbo.NewJw_Plan_Info20130305bak            |
| dbo.NewJw_Plan_Info20130319bak            |
| dbo.NewJw_Plan_Info20130320bak            |
| dbo.NewJw_Rule_Used_Info                  |
| dbo.NewJw_Rule_Used_Info20090309bak       |
| dbo.NewJw_Rule_Used_Info20090310bak       |
| dbo.NewJw_Rule_Used_Info20100115bak       |
| dbo.NewJw_Rule_Used_Info20100830bak       |
| dbo.NewJw_Rule_Used_Info20110224bak       |
| dbo.NewJw_Rule_Used_Info20120216bak       |
| dbo.NewJw_Rule_Used_Info20120827bak       |
| dbo.NewJw_Rule_Used_Info20130319bak       |
| dbo.NewJw_Rule_Used_Info20130320bak       |
| dbo.NewJw_Rule_Used_Info20130829bak       |
| dbo.NewJw_ZYZB                            |
| dbo.NewJw_ZYZB20090309bak                 |
| dbo.NewJw_ZYZB20090310bak                 |
| dbo.NewJw_ZYZB20100115bak                 |
| dbo.NewJw_ZYZB20100830bak                 |
| dbo.NewJw_ZYZB20110224bak                 |
| dbo.NewJw_ZYZB20120216bak                 |
| dbo.NewJw_ZYZB20120827bak                 |
| dbo.NewJw_ZYZB20130305bak                 |
| dbo.NewJw_ZYZB20130319bak                 |
| dbo.NewJw_ZYZB20130320bak                 |
| dbo.NewStudent_V                          |
| dbo.NewUser_V                             |
| dbo.NoTeacher_V                           |
| dbo.Note_T                                |
| dbo.OEP_TA_ZGJYJ_Path_lunwen              |
| dbo.OEP_TA_ZGJYJ_basejyj                  |
| dbo.OEP_TA_ZGJYJ_cidian                   |
| dbo.OEP_TA_ZGJYJ_lunwen                   |
| dbo.OEP_TA_ZGJYJ_shiliao                  |
| dbo.OEP_TA_ZGJYJ_zhushu                   |
| dbo.OldUser_V                             |
| dbo.Old_Topic_Code_T                      |
| dbo.OtherUser_Info_T                      |
| dbo.OtherUser_Info_T_20051118             |
| dbo.Plan_Course_All_T                     |
| dbo.Plan_Course_All_T2                    |
| dbo.Plan_Course_All_T20090303bak          |
| dbo.Plan_Course_All_T20090304bak          |
| dbo.Plan_Course_All_T20090309bak          |
| dbo.Plan_Course_All_T20090310bak          |
| dbo.Plan_Course_All_T20100115bak          |
| dbo.Plan_Course_All_T20100830bak          |
| dbo.Plan_Course_All_T20110224bak          |
| dbo.Plan_Course_All_T20120216bak          |
| dbo.Plan_Course_All_T20120827bak          |
| dbo.Plan_Course_All_T20130319bak          |
| dbo.Plan_Course_All_T20130320bak          |
| dbo.Plan_Course_All_T20130829bak          |
| dbo.Plan_Course_T                         |
| dbo.Plan_Course_T2                        |
| dbo.Plan_Course_T20090303bak              |
| dbo.Plan_Course_T20090304bak              |
| dbo.Plan_Course_T20090309bak              |
| dbo.Plan_Course_T20130829bak              |
| dbo.Plan_Course_T_20080917_bak            |
| dbo.Plan_Course_T_temp                    |
| dbo.Plan_Info_T                           |
| dbo.Plan_Info_T2                          |
| dbo.Plan_Info_T20090303bak                |
| dbo.Plan_Info_T20090304bak                |
| dbo.Plan_Info_T20090309bak                |
| dbo.Plan_Info_T20090310bak                |
| dbo.Plan_Info_T20100115bak                |
| dbo.Plan_Info_T20100830bak                |
| dbo.Plan_Info_T20110224bak                |
| dbo.Plan_Info_T20120216bak                |
| dbo.Plan_Info_T20120827bak                |
| dbo.Plan_Info_T20130319bak                |
| dbo.Plan_Info_T20130320bak                |
| dbo.Plan_Info_T20130829bak                |
| dbo.ProvSchool                            |
| dbo.Province_Info_T                       |
| dbo.QHZG_ZJPF                             |
| dbo.QHZG_zp_poll                          |
| dbo.QHZG_zp_table                         |
| dbo.Research_Content_T                    |
| dbo.Research_Group_T                      |
| dbo.Research_T                            |
| dbo.Research_Title_T                      |
| dbo.SBBusiness                            |
| dbo.SBCourse                              |
| dbo.SBPress                               |
| dbo.STUDENT_COURSE_V                      |
| dbo.SchoolBook                            |
| dbo.ShenPiTeacher_V                       |
| dbo.SourceInquery                         |
| dbo.StartInquery2009                      |
| dbo.StartInquery2009_20110901             |
| dbo.StartInquery2009_20130911             |
| dbo.Statistic                             |
| dbo.StudentCourseView                     |
| dbo.StudentNo14_V                         |
| dbo.StudentNo9_V                          |
| dbo.StudentZy_V                           |
| dbo.Student_Course_T                      |
| dbo.Student_Info_T                        |
| dbo.Student_Info_T1                       |
| dbo.Student_Info_V                        |
| dbo.Student_Plan_Specialty_V              |
| dbo.StudyInquery                          |
| dbo.SubUserChange_T                       |
| dbo.TA_LOGINNUM                           |
| dbo.TA_LOGINNUM1                          |
| dbo.TA_LOGINTIME                          |
| dbo.TEMP2_Topic_Code_T                    |
| dbo.TV_Study_T                            |
| dbo.Teacher_Info_V                        |
| dbo.Teacher_district_V                    |
| dbo.Test_Calculat_Question                |
| dbo.Test_Course_T                         |
| dbo.Test_DiceySelect_Question             |
| dbo.Test_Discuss_Question                 |
| dbo.Test_FillSpace_Question               |
| dbo.Test_Judge_Question                   |
| dbo.Test_Major_direction_T                |
| dbo.Test_Match_Question                   |
| dbo.Test_MultiSelect_Question             |
| dbo.Test_Other_Question                   |
| dbo.Test_Paper_T                          |
| dbo.Test_Paper_info                       |
| dbo.Test_QuestionTable                    |
| dbo.Test_SimpleAnswer_Question            |
| dbo.Test_SingleSelect_Question            |
| dbo.Test_Student_Answer                   |
| dbo.Topic_Code_T                          |
| dbo.Upload_Column_T                       |
| dbo.Upload_Dept_Info                      |
| dbo.Upload_File_Size_T                    |
| dbo.Upload_Info                           |
| dbo.Upload_Operation                      |
| dbo.Upload_Stat_View                      |
| dbo.Upload_Stat_View_New                  |
| dbo.Upload_T                              |
| dbo.Upload_WebSide_Info                   |
| dbo.UserName_V                            |
| dbo.UserState                             |
| dbo.UserVisit_Inquery                     |
| dbo.User_BaseInfo_T                       |
| dbo.User_BaseInfo_T_20051118              |
| dbo.User_BaseInfo_V                       |
| dbo.User_Class_T                          |
| dbo.User_Online                           |
| dbo.User_Online_T                         |
| dbo.User_Rights_T                         |
| dbo.User_System_Inquery                   |
| dbo.User_student_V                        |
| dbo.Users                                 |
| dbo.UsersTest                             |
| dbo.Users_N                               |
| dbo.Users_back                            |
| dbo.Users_closed                          |
| dbo.VIEW1                                 |
| dbo.VIEW2                                 |
| dbo.VIEW3                                 |
| dbo.VIEW_category                         |
| dbo.VIEW_category1                        |
| dbo.VOD_Course                            |
| dbo.VOD_Course_list                       |
| dbo.VOD_Course_list$                      |
| dbo.VU_ImageCode                          |
| dbo.VU_UserRelation                       |
| dbo.V_jpkc2010_score                      |
| dbo.VbiPlan                               |
| dbo.WLKC_ZGFZS_BOOKMARK_T                 |
| dbo.WLKC_ZGFZS_NOTE_T                     |
| dbo.WLKC_ZGFZS_PROCESSOFSTUDY_T           |
| dbo.XXC_Answert_T                         |
| dbo.XXC_User_T                            |
| dbo.XZ_ManagerInquery                     |
| dbo.XZ_StudentInquery                     |
| dbo.XZ_TeacherInquery                     |
| dbo.Y_Plan_Course_T                       |
| dbo.Y_Plan_Course_T20090319bak            |
| dbo.Y_Plan_Course_T_201303                |
| dbo.Y_Plan_Info_T20090319bak              |
| dbo.Y_Plan_Info_T_201303                  |
| dbo.Y_Plan_Info_t                         |
| dbo.Y_Plan_Info_t20130916                 |
| dbo.Y_Plan_Info_t3                        |
| dbo.Y_StuType_Info_T                      |
| dbo.Y_plan_course_t_201003                |
| dbo.Yplan_Course_TBak                     |
| dbo.adotest                               |
| dbo.affiche_info                          |
| dbo.article                               |
| dbo.article2                              |
| dbo.bbs_Category                          |
| dbo.bbs_Course_t                          |
| dbo.bbs_DenyUser                          |
| dbo.bbs_affiche                           |
| dbo.bbs_article                           |
| dbo.bbs_article_S                         |
| dbo.bbs_article_V                         |
| dbo.bbs_category_stat                     |
| dbo.bbs_department                        |
| dbo.bbs_favorite                          |
| dbo.beijing3                              |
| dbo.bjxxb                                 |
| dbo.book_bkk                              |
| dbo.book_book                             |
| dbo.book_log                              |
| dbo.book_zc                               |
| dbo.bx201003                              |
| dbo.callcenterInquery_t                   |
| dbo.chatroom_view                         |
| dbo.cjzb                                  |
| dbo.course                                |
| dbo.coursecount                           |
| dbo.coursesource                          |
| dbo.ddsx2011Inquery2                      |
| dbo.ddsx2011inquery                       |
| dbo.ddsxfilevisitnum                      |
| dbo.districtschool_manager_t              |
| dbo.dtproperties                          |
| dbo.dwdm                                  |
| dbo.ea_coursenew                          |
| dbo.ea_depart                             |
| dbo.efficiency_survey_T                   |
| dbo.efficiency_survey_sum_T               |
| dbo.etas_USERINFO                         |
| dbo.etas_Userid                           |
| dbo.etas_userinfo_err                     |
| dbo.feedback_answer                       |
| dbo.feedback_option                       |
| dbo.feedback_question                     |
| dbo.feedback_result                       |
| dbo.feedback_result_remark                |
| dbo.feedback_t20110310                    |
| dbo.file_info_Tbak20101123                |
| dbo.filebak                               |
| dbo.filess                                |
| dbo.foofoofoo                             |
| dbo.gaofei_para                           |
| dbo.gaofei_standard                       |
| dbo.gaofei_user                           |
| dbo.guangdong1                            |
| dbo.guestbook                             |
| dbo.hkxz                                  |
| dbo.hyzk                                  |
| dbo.inquery_schoolinfo                    |
| dbo.inschoolTime_T                        |
| dbo.itpro                                 |
| dbo.jcdc_actanswer_v                      |
| dbo.jcdc_actnum_T                         |
| dbo.jcdc_actuser_selcourse                |
| dbo.jcdc_course_T                         |
| dbo.jcdc_course_book_sum                  |
| dbo.jcdc_course_school                    |
| dbo.jcdc_exam                             |
| dbo.jcdc_exam_course                      |
| dbo.jcdc_finale_sheet                     |
| dbo.jcdc_question_T                       |
| dbo.jcdc_same_f                           |
| dbo.jcdc_samecourse_T                     |
| dbo.jcdc_sjht_sum                         |
| dbo.jcdc_student_answer_v                 |
| dbo.jcdc_student_course                   |
| dbo.jcdc_student_course_Tnew              |
| dbo.jcdc_total_score_F                    |
| dbo.jcdc_total_score_T                    |
| dbo.jcdc_user090109                       |
| dbo.jcdccoursebookcount                   |
| dbo.jcdctempcouse                         |
| dbo.jgdm                                  |
| dbo.jjsx_b20101011                        |
| dbo.jjsx_n                                |
| dbo.jjsx_s                                |
| dbo.jjsx_sbak                             |
| dbo.jjsx_sbak1                            |
| dbo.jjsx_sbak2                            |
| dbo.jpkc2008_NetCourseAddInfo_T           |
| dbo.jpkc2008_NetCourseDetail_T            |
| dbo.jpkc2008_NetCourseExecutive_T         |
| dbo.jpkc2008_NetCourseExpert_T            |
| dbo.jpkc2008_NetCourseOtherTeacher_T      |
| dbo.jpkc2008_NetCourseScore_T             |
| dbo.jpkc2008_NetCourseZP_T                |
| dbo.jpkc2008_NetCourse_dwpasswordB        |
| dbo.jpkc2009_NetCourseAddInfo_T           |
| dbo.jpkc2009_NetCourseDetail_T            |
| dbo.jpkc2009_NetCourseExecutive_T         |
| dbo.jpkc2009_NetCourseExpert_T            |
| dbo.jpkc2009_NetCourseOtherTeacher_T      |
| dbo.jpkc2009_NetCourseScore_T             |
| dbo.jpkc2009_NetCourseZP_T                |
| dbo.jpkc2009_NetCourse_dwpasswordB        |
| dbo.jpkc2010_NetCourseAddInfo_T           |
| dbo.jpkc2010_NetCourseDetail_T            |
| dbo.jpkc2010_NetCourseExecutive_T         |
| dbo.jpkc2010_NetCourseExpert_T            |
| dbo.jpkc2010_NetCourseOtherTeacher_T      |
| dbo.jpkc2010_NetCourseScore_T             |
| dbo.jpkc2010_NetCourseZP_T                |
| dbo.jpkc2010_NetCourse_dwpasswordB        |
| dbo.jpkc2011_NetCourseAddInfo_T           |
| dbo.jpkc2011_NetCourseDetail_T            |
| dbo.jpkc2011_NetCourseExecutive_T         |
| dbo.jpkc2011_NetCourseExpert_T            |
| dbo.jpkc2011_NetCourseOtherTeacher_T      |
| dbo.jpkc2011_NetCourseScore_T             |
| dbo.jpkc2011_NetCourseZP_T                |
| dbo.jpkc2011_NetCourse_dwpasswordB        |
| dbo.jpkc2012_NetCourseAddInfo_T           |
| dbo.jpkc2012_NetCourseDetail_T            |
| dbo.jpkc2012_NetCourseExecutive_T         |
| dbo.jpkc2012_NetCourseExpert_T            |
| dbo.jpkc2012_NetCourseOtherTeacher_T      |
| dbo.jpkc2012_NetCourseScore_T             |
| dbo.jpkc2012_NetCourseZP_T                |
| dbo.jpkc2012_NetCourse_dwpasswordB        |
| dbo.jpkc2013_NetCourseAddInfo_T           |
| dbo.jpkc2013_NetCourseDetail_T            |
| dbo.jpkc2013_NetCourseExecutive_T         |
| dbo.jpkc2013_NetCourseExpert_T            |
| dbo.jpkc2013_NetCourseOtherTeacher_T      |
| dbo.jpkc2013_NetCourseScore_T             |
| dbo.jpkc2013_NetCourseZP_T                |
| dbo.jpkc2013_NetCourseZP_T0709            |
| dbo.jpkc2013_NetCourse_dwpasswordB        |
| dbo.jpkc_expertscore                      |
| dbo.jstd_techniclevel_T                   |
| dbo.jstd_zp_poll                          |
| dbo.jstd_zp_table                         |
| dbo.jxhjdy                                |
| dbo.jxyxjpg_Forum_Article                 |
| dbo.jxyxjpg_Forum_Category                |
| dbo.jxyxjpg_Forum_Variables               |
| dbo.jxyxjpg_UserInfo                      |
| dbo.kcgldw                                |
| dbo.kclb                                  |
| dbo.kclx                                  |
| dbo.kcxz                                  |
| dbo.kczb                                  |
| dbo.kczb20090303bak                       |
| dbo.kczb20090304bak                       |
| dbo.kczb20090309bak                       |
| dbo.kczb20130305bak                       |
| dbo.kdxxb                                 |
| dbo.kslb                                  |
| dbo.manager_right_con_t                   |
| dbo.managerright_t                        |
| dbo.mder_zpv                              |
| dbo.meetingSpeaker_T                      |
| dbo.meeting_Record_T                      |
| dbo.mzdm                                  |
| dbo.njdm                                  |
| dbo.njkc                                  |
| dbo.njzy                                  |
| dbo.njzy1                                 |
| dbo.njzy20090303bak                       |
| dbo.njzy20090304bak                       |
| dbo.njzy20090309bak                       |
| dbo.njzy20130305bak                       |
| dbo.noanswer101d                          |
| dbo.noonenum_t                            |
| dbo.note_book_T                           |
| dbo.odbc-load                             |
| dbo.ok                                    |
| dbo.oper-db                               |
| dbo.pbcatcol                              |
| dbo.pbcatedt                              |
| dbo.pbcatfmt                              |
| dbo.pbcattbl                              |
| dbo.pbcatvld                              |
| dbo.perf-tracer                           |
| dbo.person                                |
| dbo.prof-trace                            |
| dbo.sannong2011_NetCourseAddInfo_T        |
| dbo.sannong2011_NetCourseDetail_T         |
| dbo.sannong2011_NetCourseExecutive_T      |
| dbo.sannong2011_NetCourseExpert_T         |
| dbo.sannong2011_NetCourseOtherTeacher_T   |
| dbo.sannong2011_NetCourseScore_T          |
| dbo.sannong2011_NetCourseZP_T             |
| dbo.sannong2011_NetCourse_dwpasswordB     |
| dbo.schoolgrade_t                         |
| dbo.schoolinfo2                           |
| dbo.schoolinfo_v                          |
| dbo.schoolspecilty                        |
| dbo.schooluser                            |
| dbo.sheet2$                               |
| dbo.shengjian2008_NetCourseAddInfo_T      |
| dbo.shengjian2008_NetCourseDetail_T       |
| dbo.shengjian2008_NetCourseExecutive_T    |
| dbo.shengjian2008_NetCourseExpert_T       |
| dbo.shengjian2008_NetCourseOtherTeacher_T |
| dbo.shengjian2008_NetCourseScore_T        |
| dbo.shengjian2008_NetCourseZP_T           |
| dbo.shengjian2008_NetCourse_dwpasswordB   |
| dbo.shengjian2009_NetCourseAddInfo_T      |
| dbo.shengjian2009_NetCourseDetail_T       |
| dbo.shengjian2009_NetCourseExecutive_T    |
| dbo.shengjian2009_NetCourseExpert_T       |
| dbo.shengjian2009_NetCourseOtherTeacher_T |
| dbo.shengjian2009_NetCourseScore_T        |
| dbo.shengjian2009_NetCourseZP_T           |
| dbo.shengjian2009_NetCourse_dwpasswordB   |
| dbo.shortnote_detail_t                    |
| dbo.shortnotes_title_T                    |
| dbo.signup                                |
| dbo.sjsqkb                                |
| dbo.source                                |
| dbo.speciality                            |
| dbo.speciality_Info_t                     |
| dbo.specialitybbs_article                 |
| dbo.specialty                             |
| dbo.specialzyconn_t                       |
| dbo.student_enrollmentgrade_t             |
| dbo.studentnoinfo_t                       |
| dbo.survey_basic_status                   |
| dbo.survey_status                         |
| dbo.survey_user                           |
| dbo.syscol                                |
| dbo.t_OULogInquery                        |
| dbo.t_OULogInqueryResult                  |
| dbo.t_jiaozhu                             |
| dbo.teach_action                          |
| dbo.teachaction_record_t                  |
| dbo.temp_feedback                         |
| dbo.temp_poll_record                      |
| dbo.tempnb                                |
| dbo.tempnbs                               |
| dbo.tempndb                               |
| dbo.testBug                               |
| dbo.tmp2                                  |
| dbo.tmp3                                  |
| dbo.tmp4                                  |
| dbo.tmp5                                  |
| dbo.trans_userinfo_t                      |
| dbo.transuser_log_t                       |
| dbo.type_info                             |
| dbo.upload_check_t                        |
| dbo.user081217                            |
| dbo.user0816                              |
| dbo.user1223                              |
| dbo.user_info_V                           |
| dbo.users_view                            |
| dbo.view_etas_student                     |
| dbo.view_etas_teacher                     |
| dbo.vwVUUserInfo                          |
| dbo.whcd                                  |
| dbo.xbdm                                  |
| dbo.xfly                                  |
| dbo.xjzt                                  |
| dbo.xkkc                                  |
| dbo.xsjbdab1995                           |
| dbo.xsjbdab1999                           |
| dbo.xsjbdab2                              |
| dbo.xsjbdab2000                           |
| dbo.xsjbdab2001                           |
| dbo.xsjbdab2002                           |
| dbo.xsjbdab2003                           |
| dbo.xsjbdab2004                           |
| dbo.xsjbdab_110                           |
| dbo.xsjbdab_120                           |
| dbo.xsjbdab_130                           |
| dbo.xsjbdab_140                           |
| dbo.xsjbdab_150                           |
| dbo.xsjbdab_210                           |
| dbo.xsjbdab_211                           |
| dbo.xsjbdab_212                           |
| dbo.xsjbdab_220                           |
| dbo.xsjbdab_221                           |
| dbo.xsjbdab_230                           |
| dbo.xsjbdab_231                           |
| dbo.xsjbdab_310                           |
| dbo.xsjbdab_320                           |
| dbo.xsjbdab_321                           |
| dbo.xsjbdab_330                           |
| dbo.xsjbdab_331                           |
| dbo.xsjbdab_340                           |
| dbo.xsjbdab_350                           |
| dbo.xsjbdab_351                           |
| dbo.xsjbdab_360                           |
| dbo.xsjbdab_370                           |
| dbo.xsjbdab_371                           |
| dbo.xsjbdab_410                           |
| dbo.xsjbdab_420                           |
| dbo.xsjbdab_421                           |
| dbo.xsjbdab_430                           |
| dbo.xsjbdab_440                           |
| dbo.xsjbdab_441                           |
| dbo.xsjbdab_442                           |
| dbo.xsjbdab_450                           |
| dbo.xsjbdab_460                           |
| dbo.xsjbdab_510                           |
| dbo.xsjbdab_511                           |
| dbo.xsjbdab_512                           |
| dbo.xsjbdab_520                           |
| dbo.xsjbdab_530                           |
| dbo.xsjbdab_610                           |
| dbo.xsjbdab_611                           |
| dbo.xsjbdab_620                           |
| dbo.xsjbdab_630                           |
| dbo.xsjbdab_640                           |
| dbo.xsjbdab_650                           |
| dbo.xsjbdab_651                           |
| dbo.xsjbdab_801                           |
| dbo.xsjbdab_802                           |
| dbo.xsjbdab_803                           |
| dbo.xsjbdab_804                           |
| dbo.xsjbdab_805                           |
| dbo.xsjbdab_807                           |
| dbo.xslb                                  |
| dbo.xslx                                  |
| dbo.xujbF_C                               |
| dbo.xyfb                                  |
| dbo.xyzw                                  |
| dbo.ycycourse                             |
| dbo.year                                  |
| dbo.zydm                                  |
| dbo.zyid_v                                |
| dbo.zyjhxq                                |
| dbo.zyjhxq1                               |
| dbo.zyjhxq20090303bak                     |
| dbo.zyjhxq20090304bak                     |
| dbo.zyjhxq20090309bak                     |
| dbo.zyjhxq20130305bak                     |
| dbo.zyjsqkb                               |
| dbo.zyjxjh                                |
| dbo.zyjxjh1                               |
| dbo.zyjxjh20090303bak                     |
| dbo.zyjxjh20090304bak                     |
| dbo.zyjxjh20090309bak                     |
| dbo.zyjxjh20130305bak                     |
| dbo.zylba                                 |
| dbo.zyzb                                  |
| dbo.zyzb2                                 |
| dbo.zyzb2008                              |
| dbo.zyzb20090303bak                       |
| dbo.zyzb20090304bak                       |
| dbo.zyzb20090309bak                       |
| dbo.zyzb20090310bak                       |
| dbo.zyzb20100115bak                       |
| dbo.zyzb20100830bak                       |
| dbo.zyzb20110224bak                       |
| dbo.zyzb20120216bak                       |
| dbo.zyzb20120827bak                       |
| dbo.zyzb20130319bak                       |
| dbo.zyzb20130320bak                       |
| dbo.zyzb20130829bak                       |
| dbo.zyzbn                                 |
| dbo.zyzz_shipingtongji                    |
| dbo.zzmm                                  |
+-------------------------------------------+

修复方案:

.......................

版权声明:转载请注明来源 雅柏菲卡@乌云

漏洞回应

厂商回应:

未能联系到厂商或者厂商积极拒绝