阿帕比图书馆系统POST SQL注入

2015-03-25T00:00:00
ID SSV:95491
Type seebug
Reporter Root
Modified 2015-03-25T00:00:00

Description

简要描述:

一处SQL注入漏洞

详细说明:

厂商:http://www.apabi.cn 北京方正阿帕比技术有限公司

SQL注入点:

/bbs/bbs_search.asp?lang=gb POST:key=1 其中key参数存在SQL注入

Microsoft OLE DB Provider for SQL Server 错误 '80040e14' 第 1 行: '%' 附近有语法错误。 D:\PROGRAM FILES\FOUNDER\DLIBRARY\ROOT\BBS\..\..\Include\Class_BBS.Inc.asp,行 60

互联网自动采集案例5枚:

http://202.119.210.5/dlib/bbs/bbs_search.asp?lang=gb http://210.37.2.181/dlib/bbs/bbs_search.asp?lang=gb http://210.34.4.3/dlib/bbs/bbs_search.asp?lang=gb http://202.117.24.8/dlib/bbs/bbs_search.asp?lang=gb http://apabi.lib.njit.edu.cn/bbs/bbs_search.asp?lang=gb

漏洞证明:

我就测试2例:

``` 1、

[<img src="https://images.seebug.org/upload/201503/2508582434983f97116e5d4dfddd068370db978f.png" alt="01.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/2508582434983f97116e5d4dfddd068370db978f.png)

[<img src="https://images.seebug.org/upload/201503/25085831738533b4bffd61ff3aa5aa3d57cf63e8.png" alt="02.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/25085831738533b4bffd61ff3aa5aa3d57cf63e8.png)

2、

[<img src="https://images.seebug.org/upload/201503/25090153c7b70bc8ff4bdeca88c971dec0adf25c.png" alt="03.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/25090153c7b70bc8ff4bdeca88c971dec0adf25c.png)

[<img src="https://images.seebug.org/upload/201503/2509020037d6c3ff36e0e021469eca5e9d2ebb0e.png" alt="04.png" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201503/2509020037d6c3ff36e0e021469eca5e9d2ebb0e.png)

```