当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2013-037970

漏洞标题:百大英才网注入一枚泄漏大量数据库

相关厂商:百大英才网

漏洞作者: 爱上平顶山

提交时间:2013-09-24 16:35

修复时间:2013-11-08 16:36

公开时间:2013-11-08 16:36

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:12

漏洞状态:未联系到厂商或者厂商积极忽略

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2013-09-24: 积极联系厂商并且等待厂商认领中,细节不对外公开
2013-11-08: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

0.0

详细说明:

百大英才网注入一枚
点:http://www.baidajob.com/advisor/article/detail?article_id=15
Target: http://www.baidajob.com/advisor/article/detail?article_id=15
Host IP: 119.147.213.167
Web Server: Apache/2.2.3 (Red Hat)
Powered-by: PHP/5.2.17
DB Server: MySQL error based
Resp. Time(avg): 4372 ms
Sql Version: 5.1.58-log
Current DB: baidajob
Host Name: 164
Installation dir: /usr/
表:
admin_client
area_change
bad_email
base_age
base_area
base_area_copy_more
base_area_old_new
base_card
base_company
base_currency
base_degree
base_entry
base_experience
base_grade
base_kind
base_language
base_level
base_position
base_position_category
base_position_category_detail
base_position_category_old_new
base_position_copy
base_position_hebing
base_professor
base_province
base_rank
base_region
base_salary
base_scale
base_school
base_skill
base_tag
base_trade
base_trade_category
base_welfare
base_work_model
bd_admin
bd_admin_menu
bd_admin_right
bd_advert
bd_advert_place
bd_advert_place_copy
bd_adviser
bd_adviser_storage
bd_alliance
bd_alliance_balance
bd_app
bd_article
bd_article_category
bd_baiduxml
bd_baiduxml_log
bd_board
bd_call
bd_callout_pe
bd_content
bd_coupon
bd_coupon_get
bd_coupon_use
bd_hot_city
bd_hot_position
bd_hot_word
bd_index_advance_invite
bd_index_advance_resume
bd_index_recommend_co
bd_index_urgent_invite
bd_info
bd_info_copy
bd_innerlink
bd_invite
bd_keyword
bd_link
bd_message
bd_product
bd_product_category
bd_product_pack_detail
bd_product_pack_tb
bd_product_price
bd_product_use
bd_recommend_resume
bd_trade_group
bd_word
boss_autocall_event
boss_callout_cdr
boss_callout_plan
boss_co_group
boss_co_searcher
boss_co_task
boss_commit_operate
boss_config_task_filter
boss_confirm
boss_data_analyse
boss_data_analyse_bak
boss_default_contact
boss_department
boss_role
boss_tag
boss_task
boss_task_collect
boss_task_process
boss_task_process_copy
boss_task_tag
boss_touch_log
boss_touch_log_history
boss_user
boss_user_task
boss_user_trade
calldata
calldata2
callout_pe_intent_area
callout_pe_intent_position
checksums
co_adviser_action
co_appraise
co_base
co_complaint
co_contact
co_department
co_email_log
co_email_template
co_favorite
co_follow
co_group
co_interview
co_invite
co_invite_ad
co_invite_kind
co_invite_log
co_invite_state
co_invite_template
co_jointrade
co_linkmen
co_log
co_online
co_recommend_resume
服务器似乎不稳定? 跑的太慢了 不深入了

漏洞证明:

admin_client
area_change
bad_email
base_age
base_area
base_area_copy_more
base_area_old_new
base_card
base_company
base_currency
base_degree
base_entry
base_experience
base_grade
base_kind
base_language
base_level
base_position
base_position_category
base_position_category_detail
base_position_category_old_new
base_position_copy
base_position_hebing
base_professor
base_province
base_rank
base_region
base_salary
base_scale
base_school
base_skill
base_tag
base_trade
base_trade_category
base_welfare
base_work_model
bd_admin
bd_admin_menu
bd_admin_right
bd_advert
bd_advert_place
bd_advert_place_copy
bd_adviser
bd_adviser_storage
bd_alliance
bd_alliance_balance
bd_app
bd_article
bd_article_category
bd_baiduxml
bd_baiduxml_log
bd_board
bd_call
bd_callout_pe
bd_content
bd_coupon
bd_coupon_get
bd_coupon_use
bd_hot_city
bd_hot_position
bd_hot_word
bd_index_advance_invite
bd_index_advance_resume
bd_index_recommend_co
bd_index_urgent_invite
bd_info
bd_info_copy
bd_innerlink
bd_invite
bd_keyword
bd_link
bd_message
bd_product
bd_product_category
bd_product_pack_detail
bd_product_pack_tb
bd_product_price
bd_product_use
bd_recommend_resume
bd_trade_group
bd_word
boss_autocall_event
boss_callout_cdr
boss_callout_plan
boss_co_group
boss_co_searcher
boss_co_task
boss_commit_operate
boss_config_task_filter
boss_confirm
boss_data_analyse
boss_data_analyse_bak
boss_default_contact
boss_department
boss_role
boss_tag
boss_task
boss_task_collect
boss_task_process
boss_task_process_copy
boss_task_tag
boss_touch_log
boss_touch_log_history
boss_user
boss_user_task
boss_user_trade
calldata
calldata2
callout_pe_intent_area
callout_pe_intent_position
checksums
co_adviser_action
co_appraise
co_base
co_complaint
co_contact
co_department
co_email_log
co_email_template
co_favorite
co_follow
co_group
co_interview
co_invite
co_invite_ad
co_invite_kind
co_invite_log
co_invite_state
co_invite_template
co_jointrade
co_linkmen
co_log
co_online
co_recommend_resume

修复方案:

过滤

版权声明:转载请注明来源 爱上平顶山@乌云


漏洞回应

厂商回应:

未能联系到厂商或者厂商积极拒绝