Vulnerability summary

Defect ID: wooyun-2015-0136138

Vulnerability title: A site of onlylady (女人志) has a SQL injection that gets past the WAF

Vendor: onlylady 女人志

Author: 深度安全实验室

Submitted: 2015-08-23 20:07

Fix time: 2015-08-28 20:08

Published: 2015-08-28 20:08

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: Vendor was notified of the vulnerability but ignored it

Source: http://www.wooyun.org; for questions or help contact [email protected]



Vulnerability details

Disclosure status:

2015-08-23: Details sent to the vendor, awaiting vendor handling
2015-08-28: Vendor actively ignored the vulnerability; details disclosed to the public

Brief description:

Detailed description:

http://m.onlylady.com/

POST /files/eventapi.php HTTP/1.1
Content-Length: 63
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: http://m.onlylady.com:80/
Cookie: redirect=http%3A%2F%2Fm.onlylady.com%2Fuser%2F; C2ul_ae1d_saltkey=7C003kz0; C2ul_ae1d_lastvisit=1440235953; C2ul_ae1d_sid=3px5Ap; C2ul_ae1d_lastact=1440239569%09blog.php%09user; C2ul_ae1d_visitedfid=4; blog_refererh5=http%3A%2F%2Fm.onlylady.com%2F; C2ul_ae1d_viewblogids=a%3A1%3A%7Bi%3A10567885%3Bi%3A1440239554%3B%7D; C2ul_ae1d_fid55=1440236232; C2ul_ae1d_fid70=1440236040; C2ul_ae1d_fid3=1440239400; refferstr=http%3A//m.onlylady.com/hzp/; ip_ck=dec2iDKDrUvcxEl14+P0wXl9OmXD/EvNjYv8awkiAOE6WszUDj+rqB73Ozl+n8wLmb5MH6k3J5rDasyuce0; zyuv=ZGD0ZQVmBGp1BPj0ZGV0AwpkZGxfZF44ZP4kZGxhZwD5; cookiefrom=www.acunetix-referrer.com; lv=1440239752; vn=1; enjoyit=1-43-0-4; HMACCOUNT=B0CFEA8EBEABA469; Hm_lvt_007ae80d86020a12ea70e178ef98792a=1440239748,1440239821,1440239987,1440240216; Hm_lpvt_007ae80d86020a12ea70e178ef98792a=1440240216; Hm_lvt_afdacfae1f48822d32e19c5d12aeaef0=1440239990,1440240264,1440240283,1440240472; Hm_lpvt_afdacfae1f48822d32e19c5d12aeaef0=1440240472; Hm_lvt_62c7796f6c1db9651c92243e9e2db129=1440239990,1440240264,1440240283,1440240472; Hm_lpvt_62c7796f6c1db9651c92243e9e2db129=1440240472; http://m.onlylady.com/video/2015/0820/3728949.shtml=ggggggg%7B%7BZ%7D%7D%25E4%25B8%258B%25E4%25B8%2580%25E7%25AF%2587%25EF%25BC%259ACover%2520star%25EF%25BC%259A%25E8%25B6%2585%25E6%25A8%25A1CiCi%25E9%2595%2582%25E7%25A9%25BA%25E9%2580%25A0%25E5%259E%258B%25E7%25A4%25BA%25E8%258C%2583%25E6%2597%25A9%25E7%25A7%258B%25E8%25B6%258B%25E5%258A%25BF; http://m.onlylady.com/streetstyle/2015/0820/3728739.shtml=g3cemv2euggg%7B%7BZ%7D%7D%25E4%25BB%258A%25E5%25A4%258F%25E4%25B8%2589%25E5%25A4%25A7%25E6%259C%2580%25E9%2585%25B7%25E6%2590%25AD%25E9%2585%258D%2520%25E8%25AE%25A9%25E4%25BD%25A0%25E4%25B8%258D%25E5%2581%259A%25E8%25B7%25AF%25E4%25BA%25BA%25E7%2594%25B2%25EF%25BC%2581; Hm_lvt_4432c743503aaee46bffcde983fa47ab=1440240143,1440240216,1440240264,1440240472; Hm_lpvt_4432c743503aaee46bffcde983fa47ab=1440240472; 
http://m.onlylady.com/body=t55mg11qggg%7B%7BZ%7D%7D%2509%2509%2509%2509%2509%2509%2509%2509%2509%2509%2509%2509%2509%2509%2509%2509%2509%2509%25E2%2580%259C%25E5%2590%258E%25E7%2587%2583%25E2%2580%259D%25E7%2598%25A6%25E8%25BA%25AB%25E6%25B3%2595%2520%25E7%25A6%25BB%25E5%25BC%2580%25E5%2581%25A5%25E8%25BA%25AB%25E6%2588%25BF%25E6%258C%2581%25E7%25BB%25AD%25E7%2587%2583%25E8%2584%25822015-08-21%2509%2509%2509%2509%2509%2509%2509%2509; mltn=@7~6171406295534761626>1>1440240269573>1>1440240269573>6171406295534761625>1440240269573@; mlti=@7~144024020325037198@; V=6171406295472648460; __utmt=1; __utma=4627693.1538924885.1440240216.1440240216.1440240216.1; __utmb=4627693.1.10.1440240216; __utmc=4627693; __utmz=4627693.1440240216.1.1.utmcsr=acunetix-referrer.com|utmccn=(referral)|utmcmd=referral|utmcct=/javascript:domxssExecutionSink(0,"'\"><xsstag>()refdxss"); http://m.onlylady.com/m/=t2bvg1aiggg%7B%7BZ%7D%7D%25E6%25B7%25B1%25E6%2589%2592%25E8%25B6%2585%25E6%25A8%25A1%25E4%25BB%25AC%25E7%259A%2584%25E7%25BE%258E%25E5%258F%2591%25E7%25A7%2598%25E8%25AF%2580%2520%25E7%25A7%2581%25E5%25BA%2595%25E4%25B8%258B%25E5%2588%25B0%25E5%25BA%2595%25E9%2583%25BD%25E7%2594%25A8%25E4%25BB%2580%25E4%25B9%2588%25E4%25BA%25A7%25E5%2593%25812015-08-24; BAIDUID=9E90DB1E59D2A6C42E10A43096411131:FG=1; mlts=@7~4>acunetix-referrer.com@; http://m.onlylady.com/hzp/=-4h-2t4m2oggg%7B%7BZ%7D%7Dfilter-btn
Host: m.onlylady.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: */*
a=Hites&c=H5List&id=3680677

Injection point: the id parameter. The WAF filters the greater-than sign (>).

[Screenshot: 1.png]

[Screenshot: 2.jpg]
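Added example, not code from the report or from the site: it models the situation the finding describes, a handler that concatenates the POST id value into its query behind a filter that only strips ">", beside a hardened handler that allow-lists the id as an integer and binds it. The table, rows and query are constructed assumptions; the real eventapi.php code is not shown on the page.

```python
import re
import sqlite3

# Constructed in-memory table standing in for the site's event list; the
# schema and rows are assumptions, the report shows no server-side code.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE events (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO events VALUES (?, ?)",
                     [(3680677, "event A"), (3680678, "event B")])
    return conn

def blacklist_filter(value):
    """Models the filter the report describes: only '>' is removed.
    Every other SQL metacharacter passes through untouched."""
    return value.replace(">", "")

def vulnerable_lookup(conn, raw_id):
    """The pattern behind the finding: the filtered value is concatenated
    into the statement, so the parameter is still parsed as SQL."""
    sql = "SELECT title FROM events WHERE id = " + blacklist_filter(raw_id)
    return [row[0] for row in conn.execute(sql)]

def is_valid_id(raw_id):
    """Allow-list check: the id must be a plain decimal integer."""
    return re.fullmatch(r"[0-9]{1,10}", raw_id) is not None

def safe_lookup(conn, raw_id):
    """Hardened handler: validate against the allow-list, then bind the
    value as a query parameter so it can never change the SQL structure."""
    if not is_valid_id(raw_id):
        raise ValueError("id must be a plain decimal integer")
    rows = conn.execute("SELECT title FROM events WHERE id = ?", (int(raw_id),))
    return [row[0] for row in rows]

if __name__ == "__main__":
    db = make_db()
    print(vulnerable_lookup(db, "3680677"))   # ['event A']
    print(vulnerable_lookup(db, "0 OR 1=1"))  # ['event A', 'event B']: filter bypassed
    print(safe_lookup(db, "3680677"))         # ['event A']
    print(is_valid_id("0 OR 1=1"))            # False: rejected before any SQL runs
```

The point for the fix: stripping one character is not a control; the hardened handler rejects anything that is not an integer before the database is touched, and the WAF rule becomes defence in depth rather than the only barrier.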

Proof of vulnerability:

Fix recommendation:

Copyright notice: please credit the source when reposting: 深度安全实验室@乌云


Vulnerability response

Vendor response:

Severity: No impact, vendor ignored

Ignored at: 2015-08-28 20:08

Vendor comment:

Vulnerability Rank: 4 (WooYun rating)

Latest status:

None yet