乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-15: 积极联系厂商并且等待厂商认领中,细节不对外公开 2016-01-28: 厂商已经主动忽略漏洞,细节向公众公开
某P2P网站泄露泄漏大量用户敏感信息,可用于黑产
泄露了大量用户敏感信息,如果被不法分子窃取后果不堪设想。
新的签名:acct_name=司明&app_request=3&busi_partner=101001&card_no=6230580000056386308&dt_order=20151205120223&id_no=41282219790611834X&money_order=9892.50&no_order=llpay2015120512022349592¬ify_url=http://www.glyd.cn/Pay/llh5notice&oid_partner=201511051000583517&risk_item={"frms_ware_category":"2009","user_info_mercht_userno":"825072","user_info_dt_register":"20151009221937","user_info_full_name":"司明","user_info_id_no":"41282219790611834X","user_info_bind_phone":"13652571989","user_info_identify_type":"1","user_info_identify_state":"1"}&sign_type=RSA&url_return=http://www.glyd.cn/Pay/llh5return&user_id=825072&valid_order=10080签名:oif4/RJlCfjgz4EyuTqs43eYzK+WLHkQuG1V+AAzjocNvilWy1J5BAZoxg1Dx5I1tEJUOZAx7aW5tzvbHVVwtDo3KyCGHGNIBW2462elEs6PROyS9yYY6HKKq0oe5ZfK5tmr1J6i+PvkSE8qrrDedrynM5afAicRdwEE184LrlY=新的签名:acct_name=司明&app_request=3&busi_partner=101001&card_no=6230580000056386308&dt_order=20151205121603&id_no=41282219790611834X&money_order=9892.50&no_order=llpay2015120512160361659¬ify_url=http://www.glyd.cn/Pay/llh5notice&oid_partner=201511051000583517&risk_item={"frms_ware_category":"2009","user_info_mercht_userno":"825072","user_info_dt_register":"20151009221937","user_info_full_name":"司明","user_info_id_no":"41282219790611834X","user_info_bind_phone":"13652571989","user_info_identify_type":"1","user_info_identify_state":"1"}&sign_type=RSA&url_return=http://www.glyd.cn/Pay/llh5return&user_id=825072&valid_order=10080
http://www.glyd.cn/log.txt
你们懂的
未能联系到厂商或者厂商积极拒绝
漏洞Rank:15 (WooYun评价)