乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-08-18: 细节已通知厂商并且等待厂商处理中 2015-08-23: 厂商已经主动忽略漏洞,细节向公众公开
rt
http://www.ellechina.com/ellechina.tar.gz直接下载
整理数据库敏感信息如下:
<?phpdefine('UC_CONNECT', 'post');define('UC_DBHOST', '192.168.1.204');define('UC_DBUSER', 'font');define('UC_DBPW', '1q2w3e4r');define('UC_DBNAME', 'efwp_ucenter1-5-2');define('UC_DBCHARSET', 'utf8');define('UC_DBTABLEPRE', '`efwp_ucenter1-5-2`.uc_');define('UC_DBCONNECT', '0');define('UC_KEY', '21a55O0+5gHJTgA+CmphRGNk5q73m1vjEhJpjMY');define('UC_API', 'http://uc.ellechina.com');define('UC_CHARSET', 'utf-8');define('UC_IP', '');define('UC_APPID', '19');define('UC_PPP', '20');
二、
<?phpif(!defined('ELLE_LIBRARY')) { exit('Access Denied');}$_SC = array();$_SC['dbhost'] = '10.30.11.72'; // ...192.168.1.104$_SC['dbuser'] = 'elleapp'; //.. stage$_SC['dbpw'] = 'ZWxsZW1vYmlsZTEyMw'; //.. stage$_SC['dbcharset'] = 'utf8'; //...$_SC['pconnect'] = 0; //......$_SC['dbname'] = 'elleapp'; //...$_SC['tablepre'] = ''; //....$_SC['charset'] = 'utf-8'; //.....?>
三、
<?phpreturn array( 'driver' => 'mysql', 'host' => '10.30.11.71', 'port' => 3306, 'username' => 'ellechina', 'password' => 'HvHWbdc565bGj4CM', 'dbname' => 'ellechina', 'table' => 'cmstop_session', 'pconnect' => 0, 'charset' => 'utf8');
四、
<?phpreturn array( 'charset' => 'utf-8', 'urlmode' => 'standard', //options: standard, pathinfo, querystring, rewrite 'debug' => 0, 'lang' => 'zh-cn', 'pagesize' => '20', 'token' => '1', 'authkey' => 'UsH%JHsd*sUasd%DJzxcvwKdsf%Z1Zhkm^&*#', 'timezone' => 'PRC', 'dbkv_storage' => 'dba', 'dbkv_handler' => 'flatfile', 'internal_userid' => 2042693);
我是来找礼物的!
危害等级:无影响厂商忽略
忽略时间:2015-08-23 09:58
漏洞Rank:4 (WooYun评价)
暂无