Vulnerability summary

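Bug ID: wooyun-2016-0168364

Title: Fund security: SQL injection on the Cheng'an Fund (成安基金) main site, UNION-exploitable

Vendor: Cheng'an Fund (成安基金)

Author: 路人甲

Submitted: 2016-01-11 21:50

Fixed: 2016-02-27 11:49

Published: 2016-02-27 11:49

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: Handed over to a third-party partner organization (CNCERT, the National Internet Emergency Center) for handling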

Vulnerability source: http://www.wooyun.org. For questions or help, contact [email protected]

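Vulnerability details

Disclosure status:

2016-01-11: Details reported to the vendor; awaiting vendor handling
2016-01-15: Vendor confirmed; details disclosed to the vendor only
2016-01-25: Details disclosed to core white hats and experts in related fields
2016-02-04: Details disclosed to regular white hats
2016-02-14: Details disclosed to trainee white hats
2016-02-27: Details disclosed to the public

Brief description:

Fund security: SQL injection on the Cheng'an Fund main site exposes a large number of databases

Detailed description: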

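Jiangsu Cheng'an Equity Investment Fund Management Co., Ltd. (江苏成安股权投资基金管理有限公司)
Founded in May 2014 with registered capital of RMB 100 million (10000万元).
Jiangsu Cheng'an Equity Investment Fund Management Co., Ltd. is a private investment fund manager registered with the Asset Management Association of China. It is a full member enterprise supervised by national authorities and a financial services provider engaged in private fund business such as private securities investment, equity investment and venture capital. It maintains good working relationships with a number of domestic trust companies, guarantee companies and brokerages, including Huachuang Securities (华创证券), China Securities (中信建投), Minsheng Securities (民生证券), Guodu Securities (国都证券), Hua Ao Trust (华澳信托), Lujiazui Trust (陆家嘴信托) and Shanghai International Trust (上海国际信托). To date, the company manages more than RMB 5 billion in funds.
http://**.**.**.**/about2.php?id=49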


Proof of vulnerability:

A large number of tables
<code>
| dmooo13_common_myapp |
| dmooo13_common_myinvite |
| dmooo13_common_mytask |
| dmooo13_common_nav |
| dmooo13_common_onlinetime |
| dmooo13_common_optimizer |
| dmooo13_common_patch |
| dmooo13_common_plugin |
| dmooo13_common_pluginvar |
| dmooo13_common_process |
| dmooo13_common_regip |
| dmooo13_common_relatedlink |
| dmooo13_common_remote_port |
| dmooo13_common_report |
| dmooo13_common_searchindex |
| dmooo13_common_seccheck |
| dmooo13_common_secquestion |
| dmooo13_common_session |
| dmooo13_common_setting |
| dmooo13_common_smiley |
| dmooo13_common_sphinxcounter |
| dmooo13_common_stat |
| dmooo13_common_statuser |
| dmooo13_common_style |
| dmooo13_common_stylevar |
| dmooo13_common_syscache |
| dmooo13_common_tag |
| dmooo13_common_tagitem |
| dmooo13_common_task |
| dmooo13_common_taskvar |
| dmooo13_common_template |
| dmooo13_common_template_block |
| dmooo13_common_template_permission |
| dmooo13_common_uin_black |
| dmooo13_common_usergroup |
| dmooo13_common_usergroup_field |
| dmooo13_common_visit |
| dmooo13_common_word |
| dmooo13_common_word_type |
| dmooo13_connect_disktask |
| dmooo13_connect_feedlog |
| dmooo13_connect_memberbindlog |
| dmooo13_connect_postfeedlog |
| dmooo13_connect_tthreadlog |
| dmooo13_forum_access |
| dmooo13_forum_activity |
| dmooo13_forum_activityapply |
| dmooo13_forum_announcement |
| dmooo13_forum_attachment |
| dmooo13_forum_attachment_0 |
| dmooo13_forum_attachment_1 |
| dmooo13_forum_attachment_2 |
| dmooo13_forum_attachment_3 |
| dmooo13_forum_attachment_4 |
| dmooo13_forum_attachment_5 |
| dmooo13_forum_attachment_6 |
| dmooo13_forum_attachment_7 |
| dmooo13_forum_attachment_8 |
| dmooo13_forum_attachment_9 |
| dmooo13_forum_attachment_exif |
| dmooo13_forum_attachment_unused |
| dmooo13_forum_attachtype |
| dmooo13_forum_bbcode |
| dmooo13_forum_collection |
| dmooo13_forum_collectioncomment |
| dmooo13_forum_collectionfollow |
| dmooo13_forum_collectioninvite |
| dmooo13_forum_collectionrelated |
| dmooo13_forum_collectionteamworker |
| dmooo13_forum_collectionthread |
| dmooo13_forum_creditslog |
| dmooo13_forum_debate |
| dmooo13_forum_debatepost |
| dmooo13_forum_faq |
| dmooo13_forum_filter_post |
| dmooo13_forum_forum |
| dmooo13_forum_forum_threadtable |
| dmooo13_forum_forumfield |
| dmooo13_forum_forumrecommend |
| dmooo13_forum_groupcreditslog |
| dmooo13_forum_groupfield |
| dmooo13_forum_groupinvite |
| dmooo13_forum_grouplevel |
| dmooo13_forum_groupuser |
| dmooo13_forum_hotreply_member |
| dmooo13_forum_hotreply_number |
| dmooo13_forum_imagetype |
| dmooo13_forum_medal |
| dmooo13_forum_medallog |
| dmooo13_forum_memberrecommend |
| dmooo13_forum_moderator |
| dmooo13_forum_modwork |
| dmooo13_forum_newthread |
|

Remediation:

Null

Copyright notice: please credit the source when reposting: 路人甲@乌云


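Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 10

Confirmed: 2016-01-15 15:40

Vendor reply:

CNVD confirmed and reproduced the reported issue, and has forwarded it via CNCERT to the securities industry's informatization regulator, which will coordinate follow-up handling with the website's operator.

Latest status:

None yet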