乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-08-05: 细节已通知厂商并且等待厂商处理中 2014-08-06: 厂商已经确认,细节仅向厂商公开 2014-08-16: 细节向核心白帽子及相关领域专家公开 2014-08-26: 细节向普通白帽子公开 2014-09-05: 细节向实习白帽子公开 2014-09-19: 细节向公众公开
。。。。。。
https://github.com/xdy2001/share.dp/tree/master/shareDP-web数据库连接信息
# local, testPOI_DATABASE_URI = 'mysql://root:aix@rt#@192.168.6.233/DianPing?charset=utf8' #POI数据库FEEDBACK_DATABASE_URI = 'mysql://root:aix@rt#@192.168.6.233/DianPing?charset=utf8' #Feedback数据库USER_DATABASE_URI = 'mysql://root:aix@rt#@192.168.6.233/DianPing?charset=utf8' #用户数据(DP_Admin),用于登录验证SQLITE_URL = 'sqlite:///' + os.path.join(basedir, 'poi-op.db')RUBBISH_DATABASE_URI = 'mysql://root:aix@rt#@192.168.6.233/DianPing?charset=utf8'POI_DATABASE_URI = 'mysql://aspnet_user:dp!@[email protected]:3306/DianPing?charset=utf8' #POI数据库FEEDBACK_DATABASE_URI = 'mysql://aspnet_user:dp!@[email protected]:3306/DianPing?charset=utf8' #Feedback数据库USER_DATABASE_URI = 'mysql://aspnet_user:dp!@[email protected]:3306/DianPing?charset=utf8' #用户数据(DP_Admin),用于登录验证# 线上环境if ENV == 'ONLINE': POI_DATABASE_URI = 'mysql://dpcom_job:dp!@[email protected]:3306/DianPing?charset=utf8' #POI数据库 FEEDBACK_DATABASE_URI = 'mysql://dpcom_job:dp!@[email protected]:3306/DianPing?charset=utf8' #Feedback数据库 USER_DATABASE_URI = 'mysql://dpcom_job:dp!@[email protected]:3306/DianPing?charset=utf8' #用户数据(DP_Admin),用于登录验证 SQLITE_URL = 'sqlite:///' + os.path.join(basedir, 'poi-op-online.db') RUBBISH_DATABASE_URI = 'mysql://dpcom_poi:dp!@[email protected]:3308/DianPingPOI?charset=utf8'# Beta环境elif ENV == 'BETA': POI_DATABASE_URI = 'mysql://aspnet_user:dp!@[email protected]:3306/DianPing?charset=utf8' #POI数据库 FEEDBACK_DATABASE_URI = 'mysql://aspnet_user:dp!@[email protected]:3306/DianPing?charset=utf8' #Feedback数据库 USER_DATABASE_URI = 'mysql://aspnet_user:dp!@[email protected]:3306/DianPing?charset=utf8' #用户数据(DP_Admin),用于登录验证 SQLITE_URL = 'sqlite:///' + os.path.join(basedir, 'poi-op-beta.db') RUBBISH_DATABASE_URI = 'mysql://dpcom_poi:dp!@[email protected]:3306/DianPingPOI?charset=utf8'
邮箱帐号密码
MAIL_CONFIG = { 'smtp': 'mail.51ping.com', 'username': '[email protected]', 'password': 'dianping.com',}
数据库连接信息
危害等级:中
漏洞Rank:10
确认时间:2014-08-06 11:09
3q,其他公司人员参加我们的hackathon导致的,敏感信息大部分已失效
暂无