spellchecker.php 漏洞,整理一些大汉版通的漏洞

1.sql注入

/vc/vc/interface/index/que_scount.jsp?webid=1

/jcms/short_message/que_contact.jsp?vc_searchname=1

/jcms/short_message/que_recemsg.jsp?que_keywords=1&loginid=a

/jcms/workflow/design/que_model.jsp?userid=

/jcms/workflow/objectbox/selectx_search.jsp?spell=1

/jcms/workflow/objectbox/selectx_list.jsp?id=1

/jcms/workflow/objectbox/selectx_search.jsp?spell=jcms

/jcms/short_message/opr_domsg.jsp?fn=DA&i_id=1&vc_name=a

/jcms/workflow/sys/que_dictionary.jsp?que_keywords1=aaa

/jcms/m_5_d/opr_wap_col.jsp?strid=122222222&fn_billstatus=D

/jcms/m_5_e/init/sitesearch/opr_classajax.jsp?classid=1

/jcms/m_5_5/m_5_5_1/que_flow.jsp?que_keywords1=aaa

/jcms/m_5_3/attach/que_attach_choose.jsp?classid=-1&que_keywords1=1

/jcms/workflow/objectbox/selectx_c

你可能感兴趣的:(漏洞)