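2015-12-05: Details reported to the vendor; awaiting vendor handling
2015-12-10: The vendor chose to ignore the vulnerability; details disclosed to the public
As the title says.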
POST /delete_cart_goods.php HTTP/1.1
Content-Length: 137
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: http://hets.huatu.com
Cookie: real_ipd=1.83.234.68; ECS_ID=9d3539014a44eba32dd59bbc231620d4a359c081; ECS[visit_times]=2; PHPSESSID=ho61c490t5n4tlqr1r9mmbc541; ECS[history]=6356; ECS[display]=grid; ___OATH2_CALLBLOCK__=http%3A%2F%2Fbook.huatu.com%2Fuser.php%3Fact%3Doath_login%26type%3Dqq%26callblock%3Dhttp%253A%252F%252Fbook.huatu.com%252Findex.php%26open%3D0; CL_ECSCP_ID=16255dae309598ca86a12c3e95641830ecf1e561; ECSCP_ID=2f1e1730854a63a25ad258ed9c6823a75f0054d4; Hm_lvt_bb9795ea837d93435dbd49a6dd0c340e=1448926592,1448926793,1448926831,1448926906; Hm_lpvt_bb9795ea837d93435dbd49a6dd0c340e=1448926906; IESESSION=alive; pgv_pvi=9004266496; pgv_si=s797742080; CNZZDATA443728=cnzz_eid%3D418975232-1448923363-http%253A%252F%252Fwww.acunetix-referrer.com%252F%26ntime%3D1448923363; _cnzz_CV443728=extend%7C%7C%26toJSONString%7C%7C; CNZZDATA1000303213=861751167-1448923321-http%253A%252F%252Fwww.acunetix-referrer.com%252F%7C1448923321; _cnzz_CV1000303213=extend%7C%7C%26toJSONString%7C%7C; BAIDU_DUP_lcr=http://www.acunetix-referrer.com/javascript:domxssExecutionSink(0,"'\"><xsstag>()refdxss"); BAIDUID=9A7FDDA2E7BD1395737663950514EB1D:FG=1; HMACCOUNT=5A9C68CB6192E993; bdshare_firstime=1448925858945
Host: hets.huatu.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: */*

id=861073
Severity: No impact (ignored by vendor)
Ignored at: 2015-12-10 14:56
Vulnerability Rank: 4 (WooYun rating)
None yet