乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-02-03: 细节已通知厂商并且等待厂商处理中 2015-02-08: 厂商已经主动忽略漏洞,细节向公众公开
西部数码大量电信主机mysql未更改密码可导致批量getshell
空间主机运营商的通病 mysql密码未随机更改IP段 211.149.0.0-211.149.255.255MYSQL的root密码为默认 root3306
1.http://**.**.**/phpmyadmin/_2.http://**.**.**/phpmyadmin/index.phptoken=74c16905d99310a87839c3088bdb5b9e_3.http://**.**.**/phpmyadmin/index.phptoken=8e7e7fa8b8da563793db7b36c9a62441_4.http://**.**.**/phpmyadmin/index.phptoken=f005407f5f7fb388d8596c30622e1f2f_5.http://**.**.**/phpmyadmin/index.phptoken=95ffffbba1240da8684620e4edebdd6a_6.http://**.**.**/phpmyadmin/index.phptoken=6b228cc9c5c8e72ec01407a140ce2d6e_7.http://**.**.**/phpmyadmin/index.phptoken=2ac5f360d1bd393cb8e0de9d74889964_8.http://**.**.**/phpmyadmin/index.phptoken=bac890cff4f15341686fa932ccf28d7b_9.http://**.**.**/phpmyadmin/index.phptoken=21da468bccd5afda68248bc9abee53c5_10.http://**.**.**/phpmyadmin/index.phptoken=dcf623b19fc1a2324b398f08ab2faa8e_11.http://**.**.**/phpmyadmin/index.phptoken=2c19c053649eda9cc126f29b3a3a7e4b_12.http://**.**.**/phpmyadmin/index.phptoken=3691193c61c6d16fc8383d07fce9d38d_13.http://**.**.**/phpmyadmin/index.phptoken=a9a02fd8db60449f7754f6e247f7e0b7_14.http://**.**.**/phpmyadmin/index.phptoken=8c9fa011d2c3a917273e4f6214469f86_15.http://**.**.**/phpmyadmin/index.phptoken=294b253d780ed75a78df6e16d02e8acb_16.http://**.**.**/phpmyadmin/index.phptoken=2e37bb749f11226eae66618a711cc808_17.http://**.**.**/phpmyadmin/index.phptoken=34646922033c08b4354722eb14624ccd_18.http://**.**.**/phpmyadmin/index.phptoken=5c6ab6bd36f5177899e52d9dce71cebf_19.http://**.**.**/phpmyadmin/index.phptoken=2527227a2474529f3d1405b2a8fda79a_20.http://**.**.**/phpmyadmin/index.phptoken=fe3831b03ef1fd80cda7fc41e30b5247_21.http://**.**.**/phpmyadmin/index.phptoken=f06db5ed7e3af3acc627213b3cff14d0_22.http://**.**.**/phpmyadmin/index.phptoken=b8e8687887de29750c2824c0ce4cf61a_23.http://**.**.**/phpmyadmin/index.phptoken=8c34264c30ce6417da635b6bb2ca4a01_24.http://**.**.**/phpmyadmin/index.phptoken=ee75717dddb932fbb70ae086afb2f223_25.http://**.**.**/phpmyadmin/index.phptoken=c481899a64eb682cd93593713a986c4e_26.http://**.**.**/phpmyadmin/index.phptoken=7f0bf928e44ea8e2d14b3eba10761f18_27.http://**.**.**/phpmyadmin/index.phptoken=aedbb4459ceb06adcb7a342cab5be287_28.http://**.**.**/phpmyadmin/index.phptoken=abf50c6d7ee02489d733c80e7af0d6a7_29.http://**.**.**/phpmyadmin/index.phptoken=5d895e2e76b09b9f99a53f4e93a54f37_30.http://**.**.**/phpmyadmin/index.phptoken=619db76407ffe9ac378d036146833a12_31.http://**.**.**/phpmyadmin/index.phptoken=c1a5e0ce2f35b67f1bb8eef0abf5efcd_32.http://**.**.**/phpmyadmin/index.phptoken=7f655995be602ff73d945ec6f393a56e_33.http://**.**.**/phpmyadmin/index.phptoken=77e3c1cfda3a7e3fdd2d46b3fe5ffe36
phpmyadmin路径泄露 http://211.149.151.147/phpmyadmin/info.php路径通用测试了一部分 数量太多 大概25%的主机存在未更换密码
使用随机root密码
危害等级:无影响厂商忽略
忽略时间:2015-02-08 13:38
暂无