乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-08-10: 细节已通知厂商并且等待厂商处理中 2015-08-14: 厂商已经确认,细节仅向厂商公开 2015-08-24: 细节向核心白帽子及相关领域专家公开 2015-09-03: 细节向普通白帽子公开 2015-09-13: 细节向实习白帽子公开 2015-09-28: 细节向公众公开
RT
Title : yaochufa%u7BA1%u7406%u7CFB%u7EDFlocation : http://you.yaochufa.com/portal/feedback/index/page/2toplocation : http://you.yaochufa.com/portal/feedback/index/page/2cookie : CNZZDATA1000509376=808276689-1431308414-http%253A%252F%252Fwww.yaochufa.com%252F%7C1431308414; youProvince=%E5%B9%BF%E4%B8%9C; Hm_lvt_f31dc171e9a537f567129cb4074409a6=1436509516,1437615566,1438134851,1438591019; CNZZDATA1000465838=1610377201-1432020832-http%253A%252F%252Fwww.yaochufa.com%252F%7C1438590333; CNZZDATA1000490903=357022610-1438585743-http%253A%252F%252Fyou.yaochufa.com%252F%7C1438591238; Hm_lvt_51a8cfa1a54e5012b018dcef320fa732=1437704045; Hm_lvt_51a8cfa1a54e5012b018dcef320fa732=1437704045,1438916784; [email protected]; PHPSESSID=n8pj9759sepmbpvfjk9sash9c4; currentIpAddress=provinceId%3D21%26province%3Dguangdong%26provinceCode%3D440000%26provinceShowName%3D%25E5%25B9%25BF%25E4%25B8%259C%26cityName%3D%25E5%25B9%25BF%25E5%25B7%259E; recentlyViewed=18977%2C10479%2C18048%2C14155%2C2948%2C14032%2C14100%2C18410%2C14248%2C18870; Hm_lvt_84c5b2688d39b4e3c23d132b53b4e79b=1438737874,1438846358,1438910868,1439173559; Hm_lpvt_84c5b2688d39b4e3c23d132b53b4e79b=1439173565opener :HTTP_REFERER : http://you.yaochufa.com/portal/feedback/index/page/2HTTP_USER_AGENT : Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36REMOTE_ADDR : 121.33.210.1
可以替换各种APP下载包哦 这个应该是推广的你懂得啦 替换成木马还还得了
这里是官方的APP更新下载地址哦 可替换 你懂得了~可泄露用户大量信息哦 如姓名 地址 手机号
官网一些内容都可以改了
综上
过滤
危害等级:中
漏洞Rank:7
确认时间:2015-08-14 15:14
谢谢您的努力!
2015-08-14:在处理了