当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0153531

漏洞标题:春秋航空某处配置不当涉及大量敏感信息/内网敏感信息/FTP账号密码/邮件系统/各种支付key

相关厂商:春秋航空

漏洞作者: 路人甲

提交时间:2015-11-11 13:33

修复时间:2015-12-26 14:54

公开时间:2015-12-26 14:54

漏洞类型:系统/服务运维配置不当

危害等级:高

自评Rank:15

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2015-11-11: 细节已通知厂商并且等待厂商处理中
2015-11-11: 厂商已经确认,细节仅向厂商公开
2015-11-21: 细节向核心白帽子及相关领域专家公开
2015-12-01: 细节向普通白帽子公开
2015-12-11: 细节向实习白帽子公开
2015-12-26: 细节向公众公开

简要描述:

听说提交漏洞送飞机模型~送我老光棍一架飞机啊~!

详细说明:

航空-JP整站备份打包
http://jp.ch.com/jp.ch.com.zip

1.png


Down之后如图:

1.jpg

漏洞证明:

敏感信息汇总整理如下:
0x0x:

mask 区域
*****息汇总^*****
*****x^*****
1.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/YhqService"_
**********
*****rlinesYhqService.IYhqServicePortType&q*****
**********
2.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/LyService" binding="basicHttpBinding" contract="LyService.ILyServicePortType" name="ILyServiceHttpPort" />_
**********
3.://**.**.**//***1.59:9001/AirSalesBiWS/springairline/remoteservice/otherdetailWS" binding="basicHttpBinding" contract="SpringAirlinesBIService.OtherDetailWS_bizPortType" name="OtherDetailWS_bizHttpPort" />_
**********
4.://**.**.**//***0.51:5001/services/AsaLossReportWs" binding="basicHttpBinding" contract="AsaWebService.AsaLossReportWsPortType" name="AsaLossReportWsHttpPort" />_
**********
5.://**.**.**//***1.55:8013/Services/SpringAirlinesService.svc" binding="netTcpBinding" contract="SpringAirlinesWCFService.ISpringAirlinesService" name="NetTcpBinding_ISpringAirlinesService"/>_
**********
6.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/ManageService"_
**********
*****quot;basicHtt*****
**********
*****inesICustService.IMan*****
**********
*****anageServiceHtt*****
**********
7.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/TktAppointService"_
**********
*****quot;basicHtt*****
**********
*****ervicePortType" name=&quot*****
**********
8.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/ManageService"_
**********
*****quot;basicHtt*****
**********
*****inesManageService.IMa*****
**********
*****anageServiceHtt*****
**********
9.://**.**.**//*****.50:7021/AirSalesWSCust/remote/ForeignWeb/CustService" binding="basicHttpBinding" contract="SpringAirlinesCustService.ICustServicePortType" name="ICustServiceHttpPort" />_
**********
10.://**.**.**//***0.54:8080/chs/remote/webservice/QuestSurveyService" binding="basicHttpBinding" contract="SpringAirlinesQuestSurveyService.QuestSurveyServicePortType" name="QuestSurveyServiceHttpPort"/>_
**********
11.://**.**.**//springairlines.dmdelivery.com/x/soap-v4/server.php" binding="basicHttpBinding" contract="EmailService.DMdeliverySoapAPIPort" name="DMdeliverySoapAPIPort"/>_
**********
12.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/FlightService" binding="basicHttpBinding" contract="SpringAirlinesFlightService.IFlightServicePortType" name="IFlightServiceHttpPort"/>_
**********
13.://**.**.**//***0.51:8001/service/JapanJobService" binding="basicHttpBinding" contract="SpringAirlinesJapanJobService.JapanJobServicePortType" name="JapanJobServiceHttpPort"/>_
**********
14.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/OrderService" binding="basicHttpBinding" contract="SpringAirlinesOrderService.IOrderServicePortType" name="IOrderServiceHttpPort"/>_
**********
15.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/PayService" binding="basicHttpBinding" contract="SpringAirlinesPayService.IPayServicePortType" name="IPayServiceHttpPort"/>_
**********
16.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/SubProdService" binding="basicHttpBinding" contract="SpringAirlinesSubProdService.ISubProdServicePortType" name="ISubProdServiceHttpPort"/>_
**********
17.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/TktModifyService" binding="basicHttpBinding" contract="SpringAirlinesTktModifyService.ITktModifyServicePortType" name="ITktModifyServiceHttpPort"/>_
**********
18.://**.**.**//***1.8:9001/derbyhotel/webservice/hotelB2CReservation" binding="basicHttpBinding" contract="SpringHotelService.HotelB2CReservationService" name="HotelB2CReservationServiceImplPort" /> _
**********
19.://**.**.**//content.daodao.com/ContentService" binding="basicHttpBinding" contract="DaoDaoService.ContentServicePortType" name="ContentServiceHttpPort" />_
**********
20.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/FlightHotelService" binding="basicHttpBinding" contract="FlightHotelService.IFlightHotelServicePortType" name="IFlightHotelServiceHttpPort" />_
**********
21.://**.**.**//***1.8:9001/derbyhotel/webservice/hotelAirlineReservation" binding="basicHttpBinding" contract="SpringHotelService.HotelAirlineReservationService" name="HotelAirlineReservationServiceImplPort" bindingConfiguration="hotelAirlineHttpBinding"/> _
**********
22.://**.**.**//*****.50:7021/AirSalesWSCust/remote/ForeignWeb/FfpService" binding="basicHttpBinding" bindingConfiguration="IFfpServiceHttpBinding" contract="SpringAirlinesFFPService.IFfpServicePortType" name="IFfpServiceHttpPort" />_
**********
23.://**.**.**//***1.12:9001/AirSalesWSCust/remote/ForeignWeb/BtgService"_
**********
*****"basicH*****
**********
*****tgServicePortType" name=*****
**********
**********
*****1:*****
**********
*****
*****
*****区*****
24.://**.**.**//***2.60:1521/orcl;Min Pool Size=10;Max Pool Size=30;Connection Lifetime=120;Connection Timeout=60;Incr Pool Size=5; Decr Pool Size=2;" providerName="Oracle.DataAccess.Client" />_
**********
25.://**.**.**//***2.60:1521/orcl;Min Pool Size=10;Max Pool Size=30;Connection Lifetime=120;Connection Timeout=60;Incr Pool Size=5; Decr Pool Size=2;" providerName="Oracle.DataAccess.Client" />_
**********
26.://**.**.**//***2.60:1521/orcl1;Min Pool Size=10;Max Pool Size=30;Connection Lifetime=120;Connection Timeout=60;Incr Pool Size=5; Decr Pool Size=2;" providerName="Oracle.DataAccess.Client" />_
**********
**********
**********
27.://**.**.**//***2.60:1521/orcl;Min Pool Size=10;Max Pool Size=30;Incr Pool Size=5; Decr Pool Size=2;" providerName="Oracle.DataAccess.Client" />_
**********
**********
*****2:*****
**********
*****区*****
*****^^.92" port=&*****
**********
28.://**.**.**/><endpoint address="http://*****.40:7001/AirSalesWS/remote/ForeignWeb/YhqService"_
**********
*****rlinesYhqService.IYhqServicePortType&q*****
**********
29.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/LyService" binding="basicHttpBinding" contract="LyService.ILyServicePortType" name="ILyServiceHttpPort" />_
**********
30.://**.**.**//***1.59:9001/AirSalesBiWS/springairline/remoteservice/otherdetailWS" binding="basicHttpBinding" contract="SpringAirlinesBIService.OtherDetailWS_bizPortType" name="OtherDetailWS_bizHttpPort" />_
**********
31.://**.**.**//***0.51:5001/services/AsaLossReportWs" binding="basicHttpBinding" contract="AsaWebService.AsaLossReportWsPortType" name="AsaLossReportWsHttpPort" />_
**********
32.://**.**.**//***1.55:8013/Services/SpringAirlinesService.svc" binding="netTcpBinding" contract="SpringAirlinesWCFService.ISpringAirlinesService" name="NetTcpBinding_ISpringAirlinesService"/>_
**********
33.://**.**.**//*****.40:7001/AirSalesWS/remote/ForeignWeb/ManageService"_
**********
*****quot;basicHtt*****
**********
*****inesICustService.IMan*****
**********
*****anageServiceHtt*****
*****3:*****
*****;appSett*****
*****!--航班时刻表查询白名*****
*****
*****
34.://**.**.**//foc.9cair.com/web/seasonPlan.jsonjsonpcallback=jsonp1340853354774"/> <!--航班时刻表获取url-->_
*****险相^*****
35.://**.**.**//dicc.ins24.com/ah/session" />_
36.://**.**.**//dicc.ins24.com/ah/pdf_printer/policies" />_
*****quot; value=&qu*****
*****t; value="s*****
***** *****
*****n" value=&quo*****
*****led" value=&*****
*****头由16位纯数字*****
*****value="208810*****
*****^^字和字母组^*****
*****ue="9irdgr6sx8a7s2*****
*****宝网^*****
37.://**.**.**//mapi.alipay.com/gateway.do" />_
*****^^取成功后^*****
38.://**.**.**//j.springairlines.com/Alipay/AlipayResult" />_
*****^^定成功^*****
39.://**.**.**//j.springairlines.com/Alipay/Successful" />_
*****^录加^*****
*****uot; value="123*****
40.://**.**.**//www.passport.com/login/shareSsoLogin"/>_
41.://**.**.**//www.ssoair.com"/>_
*****t; value="2*****
*****uot; value="S*****
***** *****
***** *****
***** *****
***** *****
42.://**.**.**//www.ssoair.com"/>_
*****录日^*****
*****t; value="2*****
*****uot; value="S*****
*****
*****
*****ies 设*****
*****ot; value="*****
*****ot; value="*****
*****t; value=".chi*****
**********
*****接口发^*****
*****p" value=&q*****
*****me" value=&qu*****
*****" value="*****
*****" value=&q*****
***** *****
*****^^邮箱^*****
*****alue="service@to*****
*****; value="211.*****
*****t" value=&*****
*****e" value=&qu*****
*****d" value=&qu*****
*****uot; value=&quot*****
***** *****
*****送设^*****
*****t; value="D:\*****
*****\springairlinesjp\App_Data\w*****
**********
*****险相^*****
43.://**.**.**//dicc.ins24.com/ah/session" />_
44.://**.**.**//dicc.ins24.com/ah/pdf_printer/policies" />_
*****quot; value=&qu*****
*****t; value="s*****
**********
45.://**.**.**//j.springairlines.com" />_
46.://**.**.**//jd.china-sss.com" />_
*****\website\springairlinesjp\C*****
**********
*****果提交^*****
47.://**.**.**//j.springairlines.com" />_
48.://**.**.**//j.springairlines.com" />_
**********
*****s登陆*****
49.://**.**.**//j.springairlines.com" />_
***** *****
*****^^加^*****
*****uot; value=&quo*****
*****ot; value=&quot*****
*****
*****
*****ion名^*****
*****quot; value=&quot*****
*****mit" value=&q*****
*****mit" value=&q*****
*****
*****
*****;!-*****
*****宝^*****
*****uot; value="*****
*****p73h1435Y1X3m08c36bo68ym87m84*****
50.://**.**.**//www.yeepay.com/app-merchant-proxy/node"/>_
*****gt;*****
*****ML配置^*****
*****quot;/Content/SpringChart/*****
**********
*****^^密^*****
*****alue="71A2B3*****
*****lue="0000000*****
*****t; value="888*****
*****通商^*****
*****网银*****
51.://**.**.**//www.econ.ne.jp/odr/rcv/rcv_odr.aspx"/>_
*****ot; value="81*****
*****店支付*****
52.://**.**.**//www.econ.ne.jp/odr/rcv/rcv_odr.aspx"/>_
***** value="8110*****
*****quot; value=&qu*****
**********
*****票 是否^*****
*****quot; value=&q*****
*****一次清空^*****
*****" value=&q*****
*****将被加入黑*****
*****ot; value=&quo*****
**********
*****^^刷^*****
*****Time" value*****
*****ticketing@ctrip.com,ljj@17u*****
**********
*****gt;<!--航班时刻表查询^*****
*****
*****
53.://**.**.**//******:4005/web/seasonPlan.jsonjsonpcallback=jsonp1340853354774"/><!--航班时刻表获取url-->_
*****^^际情况修改IP即可^*****
54.://**.**.**//******.81:61616connection.AsyncSend=true"/>_
*****队列^*****
*****ion" value=&quo*****
*****^加密^*****
*****uot; value=&quo*****
*****员userId,*****
*****; value="2*****
*****value="9C06*****
*****^^SSO-*****
*****ue="8db2f07d0f5e48*****
***** value="9C00211*****
*****^^SSO-*****
**********
*****材料存储的FTP服务器*****
**********
*****oducti*****
*****; value="***********
*****rName" value=*****
*****sword" value=&*****
*****^^的图^*****
*****quot; value=".jpg*****
*****最大限^*****
*****ize" value=*****
*****^^三字^*****
*****quot; value="BKK,*****
*****" value=&q*****
**********
*****^问限制,所以配^*****
55.://**.**.**//127.0.0.1"/>_
**********
*****^^否 是日分*****
*****er" value=&*****
**********
56.://**.**.**//pay.ips.com.cn/icpay/customization/chinassssimple/ordersubmit.aspx "/>_
*****ot; value="81*****
*****t; value="81*****
*****uot;/App_Data/DHpay/9*****
*****/App_Data/DHpay/99bill.c*****
57.://**.**.**//www.99bill.com/fxapi/unified/request.htm"/>_
*****" value=&qu*****
58.://**.**.**//epay.cmbc.com.cn/ipad/service.html"/>_
*****; value="2014-*****
*****uot; value="8*****
*****^^间跳*****
59.://**.**.**//www.ch.com" />_
60.://**.**.**//www.ch.com/Btg/BtgIndex" />_
61.://**.**.**//" />_
62.://**.**.**//order.ch.com" />_
63.://**.**.**//flights.ch.com/search" />_
64.://**.**.**//payment.ch.com" />_
65.://**.**.**//help.ch.com" />_
66.://**.**.**//passport.ch.com" />_
67.://**.**.**//i.ch.com" />_
68.://**.**.**//pages.ch.com" />_
69.://**.**.**//jp.ch.com"/>_
**********
**********
*****ue="9C0021131*****
*****quot;8db2f07d0f5e48bb*****
70.://**.**.**//jp.ch.com"/>_
**********
**********
*****^返 东京(成^*****
*****" value="[N*****
**********
**********
*****ettin*****
*****de&g*****
**********
*****^指出,你^*****


0x03:

<appSettings>
<add key="WhiteIp" value=""/><!--航班时刻表查询白名单,ip地址之间用逗号分隔-->

<add key="FlightTimeTable" value="http://foc.9cair.com/web/seasonPlan.json?jsonpcallback=jsonp1340853354774"/> <!--航班时刻表获取url-->
<!--延误险相关-->
<add key="ywxSign" value="http://dicc.ins24.com/ah/session" />
<add key="downYwxSign" value="http://dicc.ins24.com/ah/pdf_printer/policies" />
<add key="ywxUname" value="cqhk" />
<add key="ywxUpwd" value="spring89" />

<add key="webpages:Version" value="2.0.0.0" />
<add key="webpages:Enabled" value="false" />
<!--合作身份者ID,以2088开头由16位纯数字组成的字符串-->
<add key="AlipayID" value="2088101909164661"/>
<!--交易安全检验码,由数字和字母组成的32位字符串-->
<add key="AlipayCheckCode" value="9irdgr6sx8a7s20905ndvqhp77jeeerg"/>
<!--支付宝网关-->
<add key="AlipayGateway" value="https://mapi.alipay.com/gateway.do?" />
<!--支付宝实名数据获取成功后跳转的界面-->
<add key="AlipayResult" value="http://j.springairlines.com/Alipay/AlipayResult" />
<!--支付宝账户绑定成功通知界面-->
<add key="AlipaySuccessful" value="http://j.springairlines.com/Alipay/Successful" />
<!--单点登录加密key-->
<add key="CrossDomainAesKey" value="123qweQWEzxcrtyf"/>
<add key="shareSsoUrl" value="http://www.passport.com/login/shareSsoLogin"/>
<add key="retUrl" value="http://www.ssoair.com"/>
<add key="RegDate" value="2011-10-27"/>
<add key="DomainAppName" value="SpringAirlines"/>




<add key="retUrl" value="http://www.ssoair.com"/>
<!--可登录日期-->
<add key="RegDate" value="2011-10-28"/>
<add key="DomainAppName" value="SpringAirlines"/>

<!--cookies 设置-->
<add key="codelang" value="Code_Lang" />
<add key="I18nCode" value="Code_Lang" />
<add key="CookiesDomain" value=".china-sss.com" />
<!--是否用新接口发送邮件-->
<add key="IsUseNewsmtp" value="Yes"/>
<add key="NewsenderUserName" value="yangmian"/>
<add key="NewsenderPassword" value="Zrhfxszdd3]"/>
<add key="EnableSSL" value="false"/>

<!--自动发送邮箱设置-->
<add key="senderAddress" value="service@top.china-sss.com"/>
<add key="senderSmtp" value="211.144.86.30"/>
<add key="senderPort" value="2503"/>
<add key="senderUserName" value="root" />
<add key="senderPassword" value="!@#$%^" />
<add key="EnableSSL" value="false" />

<!--PDF发送设置-->
<add key="pdfSavePath" value="D:\orderdetail\"/>
<add key="pdfEXE" value="D:\website\springairlinesjp\App_Data\wkhtmltopdf\wkhtmltopdf.exe"/>
<!--延误险相关-->
<add key="ywxSign" value="http://dicc.ins24.com/ah/session" />
<add key="downYwxSign" value="http://dicc.ins24.com/ah/pdf_printer/policies" />
<add key="ywxUname" value="cqhk" />
<add key="ywxUpwd" value="spring89" />
<add key="domain" value="http://j.springairlines.com" />
<add key="hoteldomain" value="http://jd.china-sss.com" />
<add key="MerchantList" value="D:\website\springairlinesjp\Content\MerchantList.xml"/>
<!-- 支付结果提交地址-->
<add key="payResultUrl" value="http://j.springairlines.com" />
<add key="AliPayReturnDomain" value="http://j.springairlines.com" />
<!--https登陆-->
<add key="httpsDomain" value="http://j.springairlines.com" />

<!--邮件加密-->
<add key="mailKey" value="aaaaaa"/>
<add key="mailIv" value="111111"/>

<!--session名称-->
<add key="oldsessionid" value="sss%5Fsid" />
<add key="oldsessionminlimit" value="200001" />
<add key="oldsessionmaxlimit" value="400000" />

<!--
易宝支付
<add key="merhantId" value="10001708016"/>
<add key="keyValue" value="NoCUEBeDp73h1435Y1X3m08c36bo68ym87m84lJtT87P0PJT50GIgLF9WS77"/>
<add key="authorizationURL" value="https://www.yeepay.com/app-merchant-proxy/node"/>
-->
<!--航图网XML配置地址-->
<add key="SpringChartConfig" value="/Content/SpringChart/SpringChartConfig.xml"/>
<!--华腾密码-->
<add key="htkey" value="71A2B3C904D5E6F8"/>
<add key="htiv" value="0000000000000000"/>
<add key="htContactNo" value="888880111110001"/>
<!--商旅通商户号-->
<!--dg网银-->
<add key="dgPayostUrl" value="https://www.econ.ne.jp/odr/rcv/rcv_odr.aspx"/>
<add key="dbPaychkCode" value="811022020023"/>
<!--dg便利店支付配置-->
<add key="dgStorePostUrl" value="https://www.econ.ne.jp/odr/rcv/rcv_odr.aspx"/>
<add key="chkCode" value="811022020023"/>
<add key="isTestIp" value="false"/>
<!--防刷新机票 是否开启-->
<add key="isOpen" value="1"/>
<!--多少小时清理一次清空静态变量-->
<add key="Cleartime" value="72"/>
<!--一天内访问xx次将被加入黑名单限制-->
<add key="Hits" value="20000"/>
<!--防止刷新-->
<add key="isOverCountTime" value="1.5"/>
<add key="RefreshList" value="airticketing@ctrip.com,ljj@17u.com,chunqiuair@qunar.com"/>
<add key="WhiteIp" value="211.151.33.9"/><!--航班时刻表查询白名单,ip地址之间用逗号分隔-->

<add key="FlightTimeTable" value="http://192.168.210.86:4005/web/seasonPlan.json?jsonpcallback=jsonp1340853354774"/><!--航班时刻表获取url-->
<!--ActiveMQ服务器连接字符串(根据实际情况修改IP即可,其他请不要修改)-->
<add key="BrokerUri" value="tcp://192.168.190.81:61616?connection.AsyncSend=true"/>
<!--测试队列名称-->
<add key="NormalQueueDestination" value="payyingda"/>
<!--新接口加密串-->
<add key="Password1" value="Mc2"/>
<!--非注册会员userId,custId-->
<add key="userId" value="200000"/>
<add key="custId" value="9C0600000000"/>
<!--新版SSO-->
<add key="SpringGatewayCode" value="8db2f07d0f5e48bb84cf6444cf639434"/>
<add key="SpringGatewayId" value="9C00211312241938530009"/>
<!--新版SSO-->
<!--敏感信息存储:限制性常旅客 证明材料存储的FTP服务器信息 by francis 2014-02-13-->
<!--production-->
<add key="SenertiveFtpIP" value="192.168.191.77/airlines"/>
<add key="SenertiveFtpUserName" value="ftpuser"/>
<add key="SenertiveFtpIPPassword" value="abcd1234"/>
<!--允许上传的图片格式-->
<add key="AllowedImageExtentions" value=".jpg,.jpeg,.png,.gif"/>
<!--证明材料最大限制(KB)-->
<add key="UploadFileSize" value="100"/>
<!--泰国机场三字码集合-->
<add key="AirportCodesOfThailand" value="BKK,REP,HKT,BKI,CNX"/>
<add key="rifenbiao" value="IJ"/>
<!--某些邮件在抓取网页模板时访问限制,所以配置访问本地的模板-->
<add key="EmailDomain" value="http://127.0.0.1"/>
<!--当前的服务器 是否 是日分的服务器-->
<add key="isJapanServer" value="true"/>
<add key="SGDpay" value="https://pay.ips.com.cn/icpay/customization/chinassssimple/ordersubmit.aspx "/>
<add key="dbPaychkCode9C" value="815060202625"/>
<add key="chkCode9C" value="815060202625"/>
<add key="DHpaypfx" value="/App_Data/DHpay/99bill-rsa.pfx"/>
<add key="DHpaycer" value="/App_Data/DHpay/99bill.cert.rsa.20140728.cer"/>
<add key="DHpay99bill" value="https://www.99bill.com/fxapi/unified/request.htm"/>
<add key="DHpayPasswd" value="123456"/>
<add key="MSpayUrl" value="https://epay.cmbc.com.cn/ipad/service.html"/>
<add key="luckynumberend" value="2014-12-12 00:00:00"/>
<add key="dbPaychkCodeB2B" value="821022020023"/>
<!--服务器间跳转-->
<add key="HomeDomain" value="http://www.ch.com" />
<add key="BtgDomain" value="http://www.ch.com/Btg/BtgIndex" />
<add key="BookDomain" value="https://" />
<add key="OrderDomain" value="https://order.ch.com" />
<add key="SearchDomain" value="http://flights.ch.com/search" />
<add key="PayDomain" value="https://payment.ch.com" />
<add key="HelpDomain" value="http://help.ch.com" />
<add key="PassportDomain" value="https://passport.ch.com" />
<add key="I_Domain" value="https://i.ch.com" />
<add key="Miaosha" value="http://pages.ch.com" />
<add key="JapanDomain" value="http://jp.ch.com"/>
<add key="SSOID" value="9C00211312241938530009"/>
<add key="SSOCODE" value="8db2f07d0f5e48bb84cf6444cf639434"/>
<add key="SSODOMAIN" value="https://jp.ch.com"/>
<!--东京(成田)- 重庆 往返 东京(成田)- 重庆 往返-->
<add key="IJInternationalFlight" value="[NRT-WUH],[NRT-CKG]"/>
</appSettings>


其它不再一一指出,你懂得

</mask>

修复方案:

求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!求礼物,求飞机模型!

版权声明:转载请注明来源 路人甲@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:15

确认时间:2015-11-11 14:52

厂商回复:

已收到,谢谢。

最新状态:

暂无