乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-03-17: 细节已通知厂商并且等待厂商处理中 2015-03-18: 厂商已经确认,细节仅向厂商公开 2015-03-28: 细节向核心白帽子及相关领域专家公开 2015-04-07: 细节向普通白帽子公开 2015-04-17: 细节向实习白帽子公开 2015-05-02: 细节向公众公开
某分站存在漏洞
http://cms.joy.cn/.svn/entries
# rmi servercms4.rmi.host=cms.rmi# client hostcms4.client.domain=joy.cncms4.client.host=cms.joy.cn#cms4.search.host=search.cms.joy.cn# cms file rootcms4.client.file.root=/data/cms/web# template/frag page store path , client sidecms4.client.file.template.page=/cms_page/templatecms4.client.file.template.page.jsp=/jspcms4.client.file.template.page.html=/htmlcms4.client.file.frag.page=/cms_page/fragcms4.client.compile.machine=192.168.20.50# cms picture store infocms4.file.picture.domain=img.joy.comcms4.file.picture.root=/img## compile configurationcms4.client.compile.filecache=/tmp/filecache.datcms4.client.compile.fileexception=/tmp/fileexception.dat## for compilecache.object.list.maxsize=1000compile.grooveroot=/data/cms/web/WEB-INF/groovy/beantag.grooveroot=/data/cms/web/WEB-INF/groovy/beantagscript/## pagination entity queuecms4.client.pagination.queue=/tmp/paginationqueue.datcompile.paging.script=pagingcompile.paging.nav.script=pagingnavcms4.client.file.template.log=/tmp/template.logcms4.debug=truecms4.client.autopush.file=/data/cms/web/autopush/autopushnews.xmlcms4.picbatch.upload.filesize=5242880cms4.picbatch.upload.allowFileExt=jpg;png;gif;bmp;jpegcms4.picbatch.upload.tempPicturePath=/tmp/pictmp/cms4.statistic.dir=/data/cms/web/WEB-INF/stat/#multi-thread switch #intelligence tipscms4.statisticthread.switch=true#channel treecms4.channeltreethread.switch=truecms4.quartz.ip=60.190.31.179
随便看
删除
危害等级:中
漏洞Rank:6
确认时间:2015-03-18 10:17
系统已停用了
暂无