2011-04-02: Details reported to the vendor and awaiting the vendor's handling
2011-04-02: Vendor has confirmed; details disclosed to the vendor only
2011-04-12: Details disclosed to core white hats and experts in the relevant field
2011-04-22: Details disclosed to ordinary white hats
2011-05-02: Details disclosed to intern white hats
2011-05-02: Details disclosed to the public
When a malformed value is submitted, the resulting error page exposes path information, which threatens server security.
Submitting the attack payload discloses the related sensitive information.
Test page: http://mall.sina.com.cn/Search/ProductSearch.aspx?w='
Test method: submit the attack payload and the related sensitive information is disclosed.
[XmlException: “query”为意外标记。预期标记为“"”或“'”。 行 1,位置 33。]
System.Xml.XmlTextReaderImpl.Throw(Exception e) +76
System.Xml.XmlTextReaderImpl.Throw(String res, String[] args) +88
System.Xml.XmlTextReaderImpl.ThrowUnexpectedToken(String expectedToken1, String expectedToken2) +104
System.Xml.XmlTextReaderImpl.ParseAttributes() +3978624
System.Xml.XmlTextReaderImpl.ParseElement() +343
System.Xml.XmlTextReaderImpl.ParseElementContent() +121
System.Xml.XmlTextReaderImpl.Read() +45
System.Xml.XmlTextReader.Read() +15
System.Xml.XmlLoader.LoadNode(Boolean skipOverWhitespace) +58
System.Xml.XmlLoader.ReadCurrentNode(XmlDocument doc, XmlReader reader) +96
System.Xml.XmlDocument.ReadNode(XmlReader reader) +69
System.Data.DataSet.ReadXml(XmlReader reader, Boolean denyResolving) +2008
System.Data.DataSet.ReadXml(TextReader reader) +54
SinaEC.Shopping.WebUI.Search.ProductSearch.GetSearchRustlt(String Parameter) in D:\WorkSpace\SinaEC\SinaEC.ForeFlat\SinaEC.Shopping.WebUI\Search\ProductSearch.aspx.cs:89
SinaEC.Shopping.WebUI.Search.ProductSearch.BindData(HttpRequest Request) in D:\WorkSpace\SinaEC\SinaEC.ForeFlat\SinaEC.Shopping.WebUI\Search\ProductSearch.aspx.cs:39
SinaEC.Shopping.WebUI.Search.ProductSearch.Page_Load(Object sender, EventArgs e) in D:\WorkSpace\SinaEC\SinaEC.ForeFlat\SinaEC.Shopping.WebUI\Search\ProductSearch.aspx.cs:32
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +14
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +35
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +50
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +627
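The trace shows the raw search parameter reaching DataSet.ReadXml through an XML string assembled in GetSearchRustlt, so a single quote breaks the attribute and the unhandled XmlException is rendered with source paths. The C# below is an added illustration of that pattern next to a hardened version; it is not Sina's code, and the element names, attribute names and concatenation layout are assumptions.

```csharp
using System;
using System.Data;
using System.IO;
using System.Text;
using System.Xml;

static class SearchXml
{
    // Assumed shape of the vulnerable pattern: user input spliced into XML text.
    // A quote in `keyword` ends the attribute early and ReadXml throws XmlException,
    // which the ASP.NET detailed error page renders with the full stack and file paths.
    public static string BuildUnsafe(string keyword) =>
        "<search><param w='" + keyword + "' query='product'/></search>";

    // Hardened: XmlWriter emits the value as a properly escaped attribute,
    // so the document is well-formed for any input and no parse error occurs.
    public static string BuildSafe(string keyword)
    {
        var sb = new StringBuilder();
        var settings = new XmlWriterSettings { OmitXmlDeclaration = true };
        using (var w = XmlWriter.Create(sb, settings))
        {
            w.WriteStartElement("search");
            w.WriteStartElement("param");
            w.WriteAttributeString("w", keyword);
            w.WriteAttributeString("query", "product");
            w.WriteEndElement();
            w.WriteEndElement();
        }
        return sb.ToString();
    }

    // Parse the same way the trace shows (DataSet.ReadXml over a TextReader)
    // and report whether the document was accepted instead of leaking the exception.
    public static bool Parses(string xml)
    {
        try
        {
            using (var ds = new DataSet()) { ds.ReadXml(new StringReader(xml)); }
            return true;
        }
        catch (XmlException) { return false; }
    }

    static void Main()
    {
        Console.WriteLine(Parses(BuildUnsafe("'"))); // False: malformed attribute
        Console.WriteLine(Parses(BuildSafe("'")));   // True: value escaped by XmlWriter
    }
}
```

Independently of the input handling, the path disclosure itself only reaches remote clients because detailed errors are enabled; `<customErrors mode="RemoteOnly" />` in web.config keeps the stack trace page local to the server.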
None
Severity: Low
Vulnerability Rank: 1
Confirmed: 2011-04-02 12:13
Thank you for your support.
None yet