
Vulnerability summary (followers: 24)

Defect ID: wooyun-2014-070944

Title: Database information leak on a subsite belonging to a major domestic payment institution (part 2)

Vendor: cncert National Internet Emergency Center

Author: 爱上平顶山

Submitted: 2014-08-04 15:42

Fixed: 2014-09-18 15:44

Published: 2014-09-18 15:44

Vulnerability type: important sensitive information disclosure

Severity: Medium

Self-assessed Rank: 10

Status: handed over to a third-party partner organization (cncert National Internet Emergency Center) for handling

Source: http://www.wooyun.org; for questions or help, contact [email protected]

Tags:

Bookmarked by 4 users


Vulnerability details

Disclosure status:

2014-08-04: details reported to the vendor, awaiting vendor action
2014-08-08: vendor confirmed; details disclosed to the vendor only
2014-08-18: details disclosed to core white hats and experts in related fields
2014-08-28: details disclosed to regular white hats
2014-09-07: details disclosed to intern white hats
2014-09-18: details disclosed to the public

Brief description:

0.0

Detailed description:

China UnionPay
Site: http://charity.chinapay.com/
Vulnerability:
http://charity.chinapay.com/admin/system/index.php overflows out of bounds:
[4] => Array
(
[file] => /var/www/charity/data/module/DB/mysql.php
[line] => 324
[function] => mysqlRaiseError
[class] => DB_mysql
[object] => DB_mysql Object
(
[phptype] => mysql
[dbsyntax] => mysql
[features] => Array
(
[limit] => alter
[new_link] => 4.2.0
[numrows] => 1
[pconnect] => 1
[prepare] =>
[ssl] =>
[transactions] => 1
)
[errorcode_map] => Array
(
[1004] => -15
[1005] => -15
[1006] => -15
[1007] => -5
[1008] => -17
[1022] => -5
[1044] => -26
[1046] => -14
[1048] => -3
[1049] => -27
[1050] => -5
[1051] => -18
[1054] => -19
[1061] => -5
[1062] => -5
[1064] => -2
[1091] => -4
[1100] => -21
[1136] => -22
[1142] => -26
[1146] => -18
[1216] => -3
[1217] => -3
)
[connection] => Resource id #51
[dsn] => Array
(
[phptype] => mysql
[dbsyntax] => mysql
[username] => charity
[password] => charity***
[protocol] => tcp
[hostspec] => 10.10.*.28
[port] => 3306
[socket] =>
[database] => charity
)
[autocommit] => 1
[transaction_opcount] => 0
[_db] => charity
[fetchmode] => 1
[fetchmode_object_class] => stdClass
[was_connected] =>
[last_query] => SELECT id, name FROM mtb_authority ORDER BY rank
[options] => Array
(
[result_buffering] => 500
[persistent] =>
[ssl] =>
[debug] => 9
[seqname_format] => %s_seq
[autofree] =>
[portability] => 0
[optimize] => performance
)
[last_parameters] => Array
(
)
[prepare_tokens] => Array
(
)
[prepare_types] => Array
(
)
[prepared_queries] => Array
(
)
[_debug] =>
[_default_error_mode] =>
[_default_error_options] =>
[_default_error_handler] =>
[_error_class] => DB_Error
[_expected_errors] => Array
(
)
)
[type] => ->
[args] => Array
(
)
)

[image: 图片1.jpg]


Admin backend: https://charity.chinapay.com/admin/login.php
OK, not going any deeper~

Proof of vulnerability:

As above

Fix recommendation:

Just fix it~
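The dump quoted above is a PEAR DB backtrace frame (index [4], function mysqlRaiseError in DB_mysql) whose [object] entry is the live DB_mysql instance, and that instance carries the [dsn] array with username, password and hostspec. PEAR_Error stores debug_backtrace() on every error object, so any page that echoes or print_r()s a DB_Error (or its backtrace) reproduces this leak. The following is an added example, written for this page and not taken from the charity.chinapay.com site, of how to wire PEAR DB error handling so that failures are logged server-side and the client only ever sees a generic message. The DSN value, the 'charity'-style table name and the helper name db_error_to_log are constructed placeholders; the PEAR DB calls used (DB::connect, setErrorHandling with PEAR_ERROR_CALLBACK, PEAR::isError, getMessage/getUserInfo) are the library's real API.

```php
<?php
// Added example: PEAR DB error handling that never exposes the DB object.
// Not the site's code; DSN and names below are constructed placeholders.
require_once 'DB.php';

// Keep real credentials in config outside the web root; this is a placeholder.
$dsn = 'mysql://dbuser:dbpass@127.0.0.1/charity';

// The leaked dump shows the real 'debug' option at 9; keep it at 0 in production.
$options = array(
    'debug'       => 0,
    'portability' => DB_PORTABILITY_ALL,
);

/**
 * Hypothetical callback (name is ours). Logs what an operator needs
 * (code, message, query text from getUserInfo) and answers the client with
 * a fixed message. Neither the error object nor its backtrace is emitted,
 * so the DB_mysql instance and its [dsn] array never reach the browser.
 */
function db_error_to_log($err)
{
    $line = sprintf('[db] code=%d msg=%s info=%s',
        $err->getCode(), $err->getMessage(), $err->getUserInfo());
    error_log($line);   // PHP/Apache error log, readable by operators only

    // DO NOT do this: print_r($err); or print_r($err->backtrace);
    // PEAR_Error keeps debug_backtrace(), which embeds $this (DB_mysql)
    // and therefore the DSN with username, password and host.
    header('HTTP/1.1 500 Internal Server Error');
    header('Content-Type: text/plain');
    exit('A database error occurred. Please try again later.');
}

$db = DB::connect($dsn, $options);
if (PEAR::isError($db)) {
    // Connection errors come back in PEAR_ERROR_RETURN mode; route them
    // through the same callback instead of echoing them.
    db_error_to_log($db);
}

// From here on every error raised by this connection goes to the callback
// instead of being returned to calling code that might print_r() it.
$db->setErrorHandling(PEAR_ERROR_CALLBACK, 'db_error_to_log');

// The query seen in the dump's [last_query]; a failure here now logs and
// exits rather than dumping the connection object.
$res = $db->query('SELECT id, name FROM mtb_authority ORDER BY rank');

$rows = array();
while ($row = $res->fetchRow(DB_FETCHMODE_ASSOC)) {
    $rows[] = $row;
}
$res->free();

header('Content-Type: text/plain');
foreach ($rows as $row) {
    echo $row['id'], "\t", $row['name'], "\n";
}
```

Two checks worth running against an existing deployment: grep the code base for print_r, var_dump and var_export applied to anything returned by DB::connect or $db->query, and confirm that the DB 'debug' option and PHP's display_errors are off in the production php.ini, since either one turns an ordinary query failure into the kind of credential dump shown in this report.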

Copyright notice: when reposting, please credit the source: 爱上平顶山@WooYun


Vulnerability response

Vendor response:

Severity: Medium

Vulnerability Rank: 10

Confirmed: 2014-08-08 16:30

Vendor reply:

CNVD confirmed and reproduced the described issue. CNCERT has notified the organization that manages the website, which has promptly removed the information and fixed the vulnerability.

Latest status:

None yet