漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2015-0133596
漏洞标题:河南TV法制频道整站程序泄露包含用户账号密码
相关厂商:cncert国家互联网应急中心
漏洞作者: 路人甲
提交时间:2015-08-15 17:40
修复时间:2015-10-02 09:20
公开时间:2015-10-02 09:20
漏洞类型:敏感信息泄露
危害等级:高
自评Rank:12
漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2015-08-15: 细节已通知厂商并且等待厂商处理中
2015-08-18: cncert国家互联网应急中心暂未能联系到相关单位,细节仅向通报机构公开
2015-08-28: 细节向核心白帽子及相关领域专家公开
2015-09-07: 细节向普通白帽子公开
2015-09-17: 细节向实习白帽子公开
2015-10-02: 细节向公众公开
简要描述:
RT
详细说明:
http://zf.hntv.tv/wwwroot.rar
大象网政法频道整站程序可Download
漏洞证明:
<code># phpcms bakfile
# version:PHPCMS V9
# time:2015-02-09 09:29:44
# type:phpcms
# phpcms:http://**.**.**.**
# --------------------------------------------------------
DROP TABLE IF EXISTS `dq_admin`;
CREATE TABLE `dq_admin` (
`userid` mediumint(6) unsigned NOT NULL AUTO_INCREMENT,
`username` varchar(20) DEFAULT NULL,
`password` varchar(32) DEFAULT NULL,
`roleid` smallint(5) DEFAULT '0',
`encrypt` varchar(6) DEFAULT NULL,
`lastloginip` varchar(15) DEFAULT NULL,
`lastlogintime` int(10) unsigned DEFAULT '0',
`email` varchar(40) DEFAULT NULL,
`realname` varchar(50) NOT NULL DEFAULT '',
`card` varchar(255) NOT NULL,
`lang` varchar(6) NOT NULL,
PRIMARY KEY (`userid`),
KEY `username` (`username`)
) ENGINE=MyISAM AUTO_INCREMENT=7 DEFAULT CHARSET=utf8;
INSERT INTO `dq_admin` VALUES('1','daqing','7fb68f58ed8fcb98403059bc7f6f6440','1','sAmJ47','**.**.**.**','1423444131','8787@**.**.**.**','','','');
INSERT INTO `dq_admin` VALUES('2','liuxiaotian','a3a098f578eabccf8cc24ff31041352e','8','arjJbS','**.**.**.**','1423202196','dxwzfpd@**.**.**.**','刘晓田','','');
INSERT INTO `dq_admin` VALUES('3','lixin','75c32e683846e7eb5cb1b57001ec1367','5','yZCbv2','**.**.**.**','1423445303','dxwzfpd@**.**.**.**','李鑫','','');
INSERT INTO `dq_admin` VALUES('4','wangzixiao','dd306aa287b7c8cf9b48aa534ab9b945','5','eW36qN','**.**.**.**','1423444157','dxwzfpd@**.**.**.**','王子啸','','');
INSERT INTO `dq_admin` VALUES('5','yaoxin','7488b87db09e3e5b50c0eae1452dec34','5','Z3nH59','**.**.**.**','1423444465','dxwzfpd@**.**.**.**','姚昕','','zh-cn');
INSERT INTO `dq_admin` VALUES('6','dongaomi','1cc625a81531b5bab84578de2c663e80','4','R6HHcr','','0','dxwzfpd@**.**.**.**','董奥秘','','');
DROP TABLE IF EXISTS `dq_admin_panel`;
CREATE TABLE `dq_admin_panel` (
`menuid` mediumint(8) unsigned NOT NULL,
`userid` mediumint(8) unsigned NOT NULL DEFAULT '0',
`name` char(32) DEFAULT NULL,
`url` char(255) DEFAULT NULL,
`datetime` int(10) unsigned DEFAULT '0',
UNIQUE KEY `userid` (`menuid`,`userid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
DROP TABLE IF EXISTS `dq_admin_role`;
CREATE TABLE `dq_admin_role` (
`roleid` tinyint(3) unsigned NOT NULL AUTO_INCREMENT,
`rolename` varchar(50) NOT NULL,
`description` text NOT NULL,
`listorder` smallint(5) unsigned NOT NULL DEFAULT '0',
`disabled` tinyint(1) unsigned NOT NULL DEFAULT '0',
PRIMARY KEY (`roleid`),
KEY `listorder` (`listorder`),
KEY `disabled` (`disabled`)
) ENGINE=MyISAM AUTO_INCREMENT=9 DEFAULT CHARSET=utf8;
INSERT INTO `dq_admin_role` VALUES('1','超级管理员','超级管理员','0','0');
INSERT INTO `dq_admin_role` VALUES('8','编辑部主任','编辑部主任','0','0');
INSERT INTO `dq_admin_role` VALUES('4','总编','总编','5','0');
INSERT INTO `dq_admin_role` VALUES('5','编辑','编辑','1','0');
DROP TABLE IF EXISTS `dq_admin_role_priv`;
CREATE TABLE `dq_admin_role_priv` (
`roleid` tinyint(3) unsigned NOT NULL DEFAULT '0',
`m` char(20) NOT NULL,
`c` char(20) NOT NULL,
`a` char(20) NOT NULL,
`data` char(30) NOT NULL DEFAULT '',
`siteid` smallint(5) unsigned NOT NULL DEFAULT '0',
KEY `roleid` (`roleid`,`m`,`c`,`a`,`siteid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
INSERT INTO `dq_admin_role_priv` VALUES('8','content','create_html_opt','index','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','admin','admin_manage','public_edit_info','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','create_html','public_index','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','create_html_opt','index','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','admin','admin_manage','public_edit_info','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','admin','admin_manage','public_edit_pwd','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','admin','admin_manage','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','admin','index','public_main','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','type_manage','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','type_manage','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','type_manage','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','type_manage','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','admin','position','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','admin','position','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','admin','position','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','content_settings','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','create_html','public_index','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','create_html','category','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','create_html','update_urls','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','create_html','show','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','release','index','del','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','release','index','failed','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','release','index','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','release','html','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','comment','check','checks','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','comment','comment_admin','listinfo','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','special','create_special_list','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','special','html','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','album','import','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','special','import','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','content','listorder','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','content','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','content','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','content','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','special','listorder','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','special','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','special','elite','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','special','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','special','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','special','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','special','special','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','content','listorder','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','create_html','batch_show','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','content','add_othors','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','content','remove','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','push','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','content','pass','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','content','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','content','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('5','admin','admin_manage','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','setting','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','','','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','admin_manage','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','admin_manage','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','admin_manage','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','admin_manage','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','admin_manage','card','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','admin_manage','creat_card','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','admin_manage','remove_card','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','role','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','role','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','role','priv_setting','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','role','role_priv','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','role','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','role','member_manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','role','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','content','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','content','pass','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','content','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','push','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','content','remove','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','content','add_othors','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','content','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','create_html','batch_show','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','content','listorder','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','attachment','manage','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','attachment','manage','dir','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','attachment','manage','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','attachment','address','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','attachment','address','update','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','special','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','special','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','special','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','special','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','special','elite','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','special','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','special','listorder','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','content','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','content','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','content','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','content','listorder','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','special','import','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','album','import','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','special','html','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','special','special','create_special_list','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','block','block_admin','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','block','block_admin','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','block','block_admin','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','block','block_admin','del','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','block','block_admin','block_update','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','block','block_admin','history_restore','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','block','block_admin','history_del','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','comment','comment_admin','listinfo','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','comment','check','checks','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','release','html','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','release','index','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','release','index','failed','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','release','index','del','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','create_html','show','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','create_html','update_urls','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','create_html','category','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','create_html','public_index','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','content_settings','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','position','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','position','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','position','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','category','init','module=admin','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','category','add','s=0','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','category','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','category','public_cache','module=admin','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','category','add','s=1','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','category','add','s=2','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','category','count_items','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','category','batch_edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','sitemodel','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','sitemodel','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','sitemodel','import','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','sitemodel_field','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','sitemodel','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','sitemodel','disabled','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','sitemodel','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','sitemodel','export','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','type_manage','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','type_manage','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','type_manage','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','type_manage','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_verify','manage','s=0','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_verify','manage','s=2','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_verify','manage','s=1','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_verify','manage','s=3','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_verify','manage','s=4','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_verify','manage','s=5','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_verify','pass','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_verify','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_verify','ignore','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_verify','reject','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_verify','modelinfo','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member','lock','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member','unlock','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member','move','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member','search','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member','memberinfo','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_setting','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_group','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_group','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_group','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_group','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_group','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_group','sort','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_model','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_model','import','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_model','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_model','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_model','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_model','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_modelfield','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_modelfield','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_modelfield','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_modelfield','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_model','export','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_model','sort','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','member','member_model','move','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','index','public_main','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','admin_manage','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','admin_manage','public_edit_pwd','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','admin','admin_manage','public_edit_info','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','create_html_opt','index','','1');
INSERT INTO `dq_admin_role_priv` VALUES('4','content','create_html','public_index','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','admin','admin_manage','public_edit_pwd','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','admin','admin_manage','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','admin','index','public_main','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_model','move','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_model','sort','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_model','export','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_modelfield','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_modelfield','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_modelfield','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_modelfield','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_model','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_model','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_model','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_model','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_model','import','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_model','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_group','sort','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_group','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_group','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_group','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_group','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_group','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_setting','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member','memberinfo','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member','search','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member','move','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member','unlock','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member','lock','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_verify','modelinfo','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_verify','reject','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_verify','ignore','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_verify','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_verify','pass','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_verify','manage','s=5','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_verify','manage','s=4','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_verify','manage','s=3','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_verify','manage','s=1','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_verify','manage','s=2','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member_verify','manage','s=0','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member','manage','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','member','member','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','type_manage','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','type_manage','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','type_manage','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','type_manage','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','admin','position','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','admin','position','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','admin','position','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','content_settings','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','create_html','public_index','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','create_html','category','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','create_html','update_urls','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','create_html','show','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','release','index','del','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','release','index','failed','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','release','index','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','release','html','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','comment','check','checks','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','comment','comment_admin','listinfo','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','special','create_special_list','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','special','html','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','album','import','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','special','import','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','content','listorder','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','content','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','content','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','content','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','special','listorder','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','special','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','special','elite','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','special','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','special','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','special','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','special','special','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','content','listorder','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','create_html','batch_show','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','content','delete','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','content','add_othors','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','content','remove','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','push','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','content','edit','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','content','pass','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','content','add','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','content','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','admin','admin_manage','init','','1');
INSERT INTO `dq_admin_role_priv` VALUES('8','content','create_html','public_index','','1');
DROP TABLE IF EXISTS `dq_announce`;
CREATE TABLE `dq_announce` (
`aid` smallint(4) unsigned NOT NULL AUTO_INCREMENT,
`siteid` smallint(5) unsigned NOT NULL DEFAULT '0',
`title` char(80) NOT NULL,
`content` text NOT NULL,
`starttime` date NOT NULL DEFAULT '0000-00-00',
`endtime` date NOT NULL DEFAULT '0000-00-00',
`username` varchar(40) NOT NULL,
`addtime` int(10) unsigned NOT NULL DEFAULT '0',
`hits` smallint(5) unsigned NOT NULL DEFAULT '0',
`passed` tinyint(1) unsigned NOT NULL DEFAULT '0',
`style` char(15) NOT NULL,
`show_template` char(30) NOT NULL,
PRIMARY KEY (`aid`),
KEY `siteid` (`siteid`,`passed`,`endtime`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
DROP TABLE IF EXISTS `dq_attachment`;
CREATE TABLE `dq_attachment` (
`aid` int(10) unsigned NOT NULL AUTO_INCREMENT,
`module` char(15) NOT NULL,
`catid` smallint(5) unsigned NOT NULL DEFAULT '0',
`filename` char(50) NOT NULL,
`filepath` char(200) NOT NULL,
`filesize` int(10) unsigned NOT NULL DEFAULT '0',
`fileext` char(10) NOT NULL,
`isimage` tinyint(1) unsigned NOT NULL DEFAULT '0',
`isthumb` tinyint(1) unsigned NOT NULL DEFAULT '0',
`downloads` mediumint(8) unsigned NOT NULL DEFAULT '0',
`userid` mediumint(8) unsigned NOT NULL DEFAULT '0',
`uploadtime` int(10) unsigned NOT NULL DEFAULT '0',
`uploadip` char(15) NOT NULL,
`status` tinyint(1) NOT NULL DEFAULT '0',
`authcode` char(32) NOT NULL,
`siteid` smallint(5) unsigned NOT NULL DEFAULT '0',
PRIMARY KEY (`aid`),
KEY `authcode` (`authcode`)
) ENGINE=MyISAM AUTO_INCREMENT=893 DEFAULT CHARSET=utf8;
INSERT INTO `dq_attachment` VALUES('1','content','19','1.jpg','2015/0202/20150202120447850.jpg','19781','jpg','1','0','0','1','1422849886','**.**.**.**','0','191bb24609352fd7c1ccb89ad158ed22','1');
INSERT INTO `dq_attachment` VALUES('2','content','0','20150202011110871.jpg','2015/0202/20150202011110871.jpg','119211','jpg','1','0','0','0','1422853869','**.**.**.**','1','ce4fff7aaf7f470d316fd766c7d4d0bb','1');
INSERT INTO `dq_attachment` VALUES('3','content','19','2.jpg','2015/0202/20150202011409479.jpg','21718','jpg','1','0','0','1','1422854048','**.**.**.**','0','61997978f828781ea595035b638c44e3','1');
INSERT INTO `dq_attachment` VALUES('4','content','0','20150202011628841.jpg','2015/0202/20150202011628841.jpg','139851','jpg','1','0','0','0','1422854187','**.**.**.**','1','bbd8f9711f6e0872fcb8bf3cbc5a4ed3','1');
INSERT INTO `dq_attachment` VALUES('5','content','0','20150202011820400.jpg','2015/0202/20150202011820400.jpg','138772','jpg','1','0','0','0','1422854299','**.**.**.**','1','42c1f6e59c33287a169e1e10e15c96fe','1');
INSERT INTO `dq_attachment` VALUES('6','content','19','11.jpg','2015/0202/20150202012008112.jpg','216697','jpg','1','0','0','1','1422854406','**.**.**.**','1','fcc3fd9d1c4b5b2bba0e9458130480e5','1');
INSERT INTO `dq_attachment` VALUES('7','content','19','11.jpg','2015/0202/20150202012148181.jpg','216697','jpg','1','0','0','1','1422854507','**.**.**.**','1','14b1ea4ed7e52dc3b715c294b16824b3','1');
INSERT INTO `dq_attachment` VALUES('8','content','19','11.jpg','2015/0202/20150202012332462.jpg','335789','jpg','1','0','0','1','1422854611','**.**.**.**','1','982a600fb6b2e08c3fc3ddeb5588cc8b','1');
INSERT INTO `dq_attachment` VALUES('9','content','0','20150202012407216.jpg','2015/0202/20150202012407216.jpg','135995','jpg','1','0','0','0','1422854646','**.**.**.**','1','171fab9c082d0b5ce8bd88319d258149','1');
INSERT INTO `dq_attachment` VALUES('10','content','0','20150202012408276.jpg','2015/0202/20150202012408276.jpg','92948','jpg','1','0','0','0','1422854646','**.**.**.**','1','0013aa44826a953c1ef29a22cf6c5262','1');
INSERT INTO `dq_attachment` VALUES('11','content','0','20150202012408724.jpg','2015/0202/20150202012408724.jpg','59630','jpg','1','0','0','0','1422854646','**.**.**.**','1','f7194aeae697711a69c13bf1b55d483b','1');
INSERT INTO `dq_attachment` VALUES('12','content','0','20150202012408457.png','2015/0202/20150202012408457.png','279749','png','1','0','0','0','1422854646','**.**.**.**','1','163010547ecd1a8973f253b14b157cf3','1');
INSERT INTO `dq_attachment` VALUES('13','content','0','20150202012622892.jpg','2015/0202/20150202012622892.jpg','115385','jpg','1','0','0','0','1422854781','**.**.**.**','1','a45d6a769a9238e1379e832cbc064096','1');
INSERT INTO `dq_attachment` VALUES('14','content','0','20150202012623394.jpg','2015/0202/20150202012623394.jpg','29744','jpg','1','0','0','0','1422854781','**.**.**.**','1','d664c27ebf666234aaa86c0496359072','1');
INSERT INTO `dq_attachment` VALUES('15','content','0','20150202012623670.jpg','2015/0202/20150202012623670.jpg','37834','jpg','1','0','0','0','1422854781','**.**.**.**','1','3422a7519e9809dcac71babc5d5f1a92','1');
INSERT INTO `dq_attachment` VALUES('16','content','0','20150202012623438.jpg','2015/0202/20150202012623438.jpg','48653','jpg','1','0','0','0','1422854781','**.**.**.**','1','a772f3f788b555071777301178c30b03','1');
INSERT INTO `dq_attachment` VALUES('17','content','0','20150202012833163.jpg','2015/0202/20150202012833163.jpg','48564','jpg','1','0','0','0','1422854912','**.**.**.**','1','172a2db02ba63fba56fbc4bf9c78e5f5','1');
INSERT INTO `dq_attachment` VALUES('18','content','19','11.jpg','2015/0202/20150202012855623.jpg','329603','jpg','1','0','0','1','1422854934','**.**.**.**','1','efbd940a5ac490f2d8dc395b1bbeba88','1');
INSERT INTO `dq_attachment` VALUES('19','content','0','20150202012953980.jpg','2015/0202/20150202012953980.jpg','19514','jpg','1','0','0','0','1422854992','**.**.**.**','1','25ed2b92c8e3cd3cdbe46377fb56f151','1');
INSERT INTO `dq_attachment` VALUES('20','content','0','20150202012953568.jpg','2015/0202/20150202012953568.jpg','23915','jpg','1','0','0','0','1422854992','**.**.**.**','1','335ffb6207e51d6e20043bcfa93b6dc2','1');
INSERT INTO `dq_attachment` VALUES('21','content','19','11.jpg','2015/0202/20150202013110901.jpg','329603','jpg','1','0','0','1','1422855069','**.**.**.**','1','4ffea6ec79fc83aeac0a7846e1581991','1');
INSERT INTO `dq_attachment` VALUES('22','content','19','3.jpg','2015/0202/20150202013158201.jpg','25019','jpg','1','0','0','1','1422855117','**.**.**.**','0','139481a0f64c19bd1dda0665af72bb25','1');
INSERT INTO `dq_attachment` VALUES('23','content','19','3.jpg','2015/0202/20150202013212911.jpg','25019','jpg','1','0','0','1','1422855131','**.**.**.**','0','dec1439c0265252bc9b07bc965ea940e','1');
INSERT INTO `dq_attachment` VALUES('24','content','0','20150202013313827.jpg','2015/0202/20150202013313827.jpg','97821','jpg','1','0','0','0','1422855192','**.**.**.**','1','59abce445467b0c61436348d606fcb8f','1');
INSERT INTO `dq_attachment` VALUES('25','content','19','22.jpg','2015/0202/20150202013450291.jpg','293244','jpg','1','0','0','1','1422855289','**.**.**.**','1','c64fecb4aee06f921c4bad210bdced35','1');
INSERT INTO `dq_attachment` VALUES('26','content','19','11.jpg','2015/0202/20150202013634808.jpg','370919','jpg','1','0','0','1','1422855393','**.**.**.**','1','2c33766dbfa1b15d53c6716be951dff5','1');
INSERT INTO `dq_attachment` VALUES('27','content','0','20150202013700873.jpg','2015/0202/20150202013700873.jpg','46990','jpg','1','0','0','0','1422855419','**.**.**.**','1','d4215e5ef16b957329fdcde11befb864','1');
INSERT INTO `dq_attachment` VALUES('28','content','0','20150202013756439.jpg','2015/0202/20150202013756439.jpg','82515','jpg','1','0','0','0','1422855475','**.**.**.**','1','04e25248a9b355cc338f6cb502719185','1');
INSERT INTO `dq_attachment` VALUES('29','content','0','20150202013757866.jpg','2015/0202/20150202013757866.jpg','89888','jpg','1','0','0','0','1422855475','**.**.**.**','1','04546e9e4a40113091d267f4cc5e4842','1');
INSERT INTO `dq_attachment` VALUES('30','content','0','20150202013839279.jpg','2015/0202/20150202013839279.jpg','118381','jpg','1','0','0','0','1422855518','**.**.**.**','1','ed6c734cb18ff9d212e3d2f2223913bb','1');
INSERT INTO `dq_attachment` VALUES('31','content','19','11.jpg','2015/0202/20150202013902453.jpg','339045','jpg','1','0','0','1','1422855541','**.**.**.**','1','9f8bde88694e5e1b5f7c432fc5aa32a8','1');
INSERT INTO `dq_attachment` VALUES('32','content','0','20150202013927810.jpg','2015/0202/20150202013927810.jpg','100507','jpg','1','0','0','0','1422855566','**.**.**.**','1','88c6dbb9e57847b6187016be5521e6f5','1');
INSERT INTO `dq_attachment` VALUES('33','content','15','11.jpg','2015/0202/20150202014506831.jpg','362478','jpg','1','0','0','1','1422855905','**.**.**.**','1','0b7891df0b2668c175f413d73499ac9a','1');
INSERT INTO `dq_attachment` VALUES('34','content','0','20150202020211524.jpg','2015/0202/20150202020211524.jpg','67089','jpg','1','0','0','0','1422856930','**.**.**.**','1','7e49ff5e0db697821ad438fa59a12bf2','1');
INSERT INTO `dq_attachment` VALUES('35','content','0','20150202020329207.jpg','2015/0202/20150202020329207.jpg','45385','jpg','1','0','0','0','1422857007','**.**.**.**','1','545838691970b7599bb0f61c94a4fcab','1');
INSERT INTO `dq_attachment` VALUES('36','content','0','20150202020710275.jpg','2015/0202/20150202020710275.jpg','39932','jpg','1','0','0','0','1422857229','**.**.**.**','1','ed711fae8f555426193c587a58d73e06','1');
INSERT INTO `dq_attachment` VALUES('37','content','0','20150202020712527.jpg','2015/0202/20150202020712527.jpg','39626','jpg','1','0','0','0','1422857229','**.**.**.**','1','7169fad695e71c64fbbc018236fe8344','1');
INSERT INTO `dq_attachment` VALUES('38','content','0','20150202020749138.jpg','2015/0202/20150202020749138.jpg','61767','jpg','1','0','0','0','1422857267','**.**.**.**','1','cb97ddbaa2e6b905ed579b016882f3c3','1');
INSERT INTO `dq_attachment` VALUES('39','content','0','20150202021121926.jpg','2015/0202/20150202021121926.jpg','104960','jpg','1','0','0','0','1422857480','**.**.**.**','1','21078c323ffd691bfc4761930ea7bbdf','1');
INSERT INTO `dq_attachment` VALUES('40','content','0','20150202021615343.jpg','2015/0202/20150202021615343.jpg','108727','jpg','1','0','0','0','1422857774','**.**.**.**','1','c16c5ced2669cb6091c1d1b88c76e9ce','1');
INSERT INTO `dq_attachment` VALUES('41','content','0','20150202021619368.jpg','2015/0202/20150202021619368.jpg','42916','jpg','1','0','0','0','1422857774','**.**.**.**','1','f4c61436ef6004aa9c1d1200cc29b1ae','1');
INSERT INTO `dq_attachment` VALUES('42','content','0','20150202021937271.jpg','2015/0202/20150202021937271.jpg','27452','jpg','1','0','0','0','1422857976','**.**.**.**','1','75a6b6f96b2415e974c1da305962a587','1');
INSERT INTO `dq_attachment` VALUES('43','content','0','20150202021952695.jpg','2015/0202/20150202021952695.jpg','54433','jpg','1','0','0','0','1422857976','**.**.**.**','1','d045d846a9f6a25740773cf03cf9effa','1');
INSERT INTO `dq_attachment` VALUES('44','content','0','20150202022128899.jpg','2015/0202/20150202022128899.jpg','4572','jpg','1','0','0','0','1422858087','**.**.**.**','1','bd93778aa5b4657774ddadf002c70bdc','1');
INSERT INTO `dq_attachment` VALUES('45','content','0','20150202022143697.jpg','2015/0202/20150202022143697.jpg','22270','jpg','1','0','0','0','1422858087','**.**.**.**','1','62db2d1bc2850e66e73d205fce2cacda','1');
INSERT INTO `dq_attachment` VALUES('46','content','0','20150202022404117.jpg','2015/0202/20150202022404117.jpg','33894','jpg','1','0','0','0','1422858243','**.**.**.**','1','42d395a4442c8609f9618991c3baec74','1');
INSERT INTO `dq_attachment` VALUES('47','content','0','20150202022419846.jpg','2015/0202/20150202022419846.jpg','7637','jpg','1','0','0','0','1422858243','**.**.**.**','1','c8d8dc85ac53ec442a418c52a66fe6a4','1');
INSERT INTO `dq_attachment` VALUES('48','content','0','20150202022749781.jpg','2015/0202/20150202022749781.jpg','47569','jpg','1','0','0','0','1422858468','**.**.**.**','1','5e0d98929cb2ba0e60dbbab839d9fd61','1');
INSERT INTO `dq_attachment` VALUES('49','conten
修复方案:
我是来找礼物的!
版权声明:转载请注明来源 路人甲@乌云
漏洞回应
厂商回应:
危害等级:中
漏洞Rank:8
确认时间:2015-08-18 09:19
厂商回复:
CNVD确认并复现所述情况,已经转由CNCERT下发给河南分中心,由其后续协调网站管理单位处置。
最新状态:
暂无