乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-05-20: 细节已通知厂商并且等待厂商处理中 2015-05-25: 厂商已经确认,细节仅向厂商公开 2015-05-28: 细节向第三方安全合作伙伴开放 2015-07-19: 细节向核心白帽子及相关领域专家公开 2015-07-29: 细节向普通白帽子公开 2015-08-08: 细节向实习白帽子公开 2015-08-23: 细节向公众公开
rt
安宁VMX反垃圾网关用户系统
http://218.244.254.4:8080/https://mail.rioh.cn/http://123.234.83.125:81/https://218.247.4.4/https://219.232.102.4/http://218.247.4.4:8080/https://123.234.83.125/http://218.28.36.204/http://221.192.133.63/http://203.85.128.130/http://203.85.54.179/http://111.205.199.130/http://106.120.87.130/http://gateway3.pactera.com/http://gateway.pactera.com/http://gateway3.vanceinfo.com/
第一处
POST /login.php HTTP/1.1Host: 221.192.133.63Content-Length: 93Cache-Control: max-age=0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Origin: http://221.192.133.63User-Agent: Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14Content-Type: application/x-www-form-urlencodedReferer: http://221.192.133.63/Accept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.8Cookie: LOGIN_KEY=bb78d4744eb9322de63bd05e954bf970F_lang=&F_tm=1432111200&F_email=admin&F_domain=admin&F_password=admin&action.x=34&action.y=10
参数F_email存在SQL注入第二处
POST /gateadmin/logins.php HTTP/1.1Host: 221.192.133.63Content-Length: 72Cache-Control: max-age=0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Origin: http://221.192.133.63User-Agent: Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14Content-Type: application/x-www-form-urlencodedReferer: http://221.192.133.63/gateadmin/Accept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.8Cookie: LOGIN_KEY=c6f2c274815c6602497c160dc6466e58F_admin=admin&F_password=admin&F_save_admin=checkbox&F_sub.x=0&F_sub.y=0
参数F_admin存在SQL注入
过滤
危害等级:高
漏洞Rank:13
确认时间:2015-05-25 11:03
CNVD确认所述情况,已经由CNVD通过以往建立的处置渠道向软件生产厂商通报。
暂无