乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-03-07: 细节已通知厂商并且等待厂商处理中 2016-03-11: 厂商已经确认,细节仅向厂商公开 2016-03-21: 细节向核心白帽子及相关领域专家公开 2016-03-31: 细节向普通白帽子公开 2016-04-10: 细节向实习白帽子公开 2016-04-25: 细节向公众公开
**.**.**.**:7001/wsfft 湖南省湘西州住房公积金存在weblogic反序列命令执行通过shell,配置数据库,发现近千万信息。主要是几百万个人详细的证件信息以及大量的缴费信息数据过于庞大,只截取部分作为证明。
<url>jdbc:oracle:thin:@**.**.**.**:1521:orcl</url> <driver-name>oracle.jdbc.OracleDriver</driver-name> <properties> <property> <name>user</name> <value>wsfft</value> </property> </properties> <password-encrypted>{AES}WxCY1oEDLxNyhralemLMdHjZVH+HG564WeKhTZe0M18=</password-encrypted>Wlyc20+#
CPZGLSZ 12149802CPJS 4089680SSLOG 2246724CPBGQC 2010716NET_SSOPTLOG 767715CPDWLSZ 599811WFACTIVITYINST 596767WFWORKITEM 465104CPJZD 330911AMJS 313344SS_USER_ROLE 240644SSUSERS 222094USPERSONS 211100SSPERSONS 195896PMLSGYR 141232PTWORKFLOWMXLOG 140735PTWORKFLOWLOG 138857SSOPTLOG 84715HS_PMLSHK 52814QUESTION 48278PMLS 34868PMLSHT 34318WFPROCESSINST 23591CPHJFT 22287SSUSERS_WT 19160CPHBJTSHT 14034SNZG 9204USFYDH 8634SNZGDWBG 7104CPYBDWYE 6420LOG_DATA 5220USUNIT 4603SSUNITINFO 3612MSZX 3207AMHJFT 2803CRMPROJECTYSXKZ 2732SSTRANSCODE 2578ZRXX 2574SS_WORK_DATE 2559LY 2175P_NEWS 1196SSNDPARATB 1030SS_ROLE_RESOURCE 960PMLSLLB 870BNDICT_T_DICTIONARY 758CRMDEVELOPER 730CRMPROJECT 730SS_MENU 498CPWTSK 359SSZHTJCOLUMNS 345CPZGBJ 327SSJBWDBUSINESS 321SSCOLUMNS 264QF_TONGHE 224YQLJ 219ZGWQ 216CPT_LOG_XXBG_DEF_SSCOLUMNS 214SSSTATUS 208SS_MENU_MESSAGE 181CPT_BLOB 150CPT_DATA_INFO 150CPCLLX 144SSADMINS 136SYSPARATB 134SSROLEMENU 130CPT_MESSAGE_CONTENT 124BNDICT_T_BUSINTYPE 123CPT_MESSAGE 120SSMENU 84SSDATAINTERFACEMX 73TOUSU 69SSORGANIZATION 68PMLSHK 65SSORGBUSINESS 59ARCSJLXMX 54P_NEWSSORT 54CPJSTZXESP 47SS_ROLE 45SSTRANSCODE_DETAIL 38DOWNTABLE 37SSORGRELATIONSHIP 37TOPWALK_SELECTED_TABLE 35TOUPIAO_JY 35AMZGBJ 32CPT_IMPORT_CFG_DTL 30AMWTSK 26BANK_RELATIONSHIP 26ADMINISTRATOR 25PBCATEDT 21SSTRADES 21PBCATFMT 20PMLSFWTS 18P_MAXID 14CPJSGL 12SYS_OI_TABLES 12SSDATAINTERFACE 12CPT_RPT_DEF 12WFPROCESSDEFINE 11SSBELONG 10SSECOATTRS 10NET_SSTRANSCODE 10TABLETYPE 10ARCSJLX 9SSROLEUSER 9CPHJZT 8SSROLE 8SSLOGTYPE 8SSOPERATOR 7SSAREA 7NET_SYSPARATB 6SSCOLUMNRULE 6PBCATCOL 6CPT_IMPORT_CFG 5CPT_DATASTORE 4SSAPPLICATIONS 4
数据库配置及结构
**.**.**.**:7001/wsfft/1.jspx
9635789
危害等级:中
漏洞Rank:10
确认时间:2016-03-11 11:50
漏洞重复,CNVD不在重复处置。
暂无