WooYun.org

1，很开心的注册了一个会员（东方万里行），结果发现我的个人信息如此简单的被获取了
网址：http://easternmiles.ceair.com/mpf/#/sign/forget
输入会员卡号，就可以获得对影会员卡持卡人员的详细信息。
2，我不知道具体卡号的格式，于是我就注册了一个，大概是这样的格式：
6130121xxxxx，好吧，那我就遍历一次试试。
于是如下结果：
卡号：613012100006
个人信息：{"memberId":"613012100006","lang":"zh_CN","companyCode":"MU","programCode":"CEAEM","exception":null,"changeType":"1","code":null,"id":-1,"cardNo1":"613012100006","cardType1":1,"sendType1":"1","mobile1":"15899571909","email1":"[email protected]","birthdayStr":"19710516","cardNo2":null,"cardType2":1,"sendType2":"1","memberId2":null,"mobile2":null,"email2":null,"memberName":"柯瑜","oldPW":null,"newPW":null,"flag":0}
卡号：613012100055
个人信心：
{"memberId":"613012100055","lang":"zh_CN","companyCode":"MU","programCode":"CEAEM","exception":null,"changeType":"1","code":null,"id":-1,"cardNo1":"613012100055","cardType1":1,"sendType1":"1","mobile1":"15012691217","email1":"[email protected]","birthdayStr":"19901031","cardNo2":null,"cardType2":1,"sendType2":"1","memberId2":null,"mobile2":null,"email2":null,"memberName":"杨涛","oldPW":null,"newPW":null,"flag":0}
我就你不一一举例子了，
3，通过遍历我得到了几个卡号，发现卡号不是连续的，但是辛亏哥数学好，发现是等差数列
613012100006
613012100013
613012100020
613012100027
613012100034
613012100041
613012100048
613012100055
看到没，下面的卡号比上面的大7，于是我就明白了，可以遍历所有用户信息了。
4，我是好公民，公民正好：xxxxxxxxxxx
不说了，尽快修复吧，哥的信息还在里面呢