Vulnerability summary

Defect ID: wooyun-2012-011087

Title: 悦已女性网 admin back end SQL injection

Vendor: 悦已女性网

Author: zhk

Submitted: 2012-08-20 10:55

Fix date: 2012-10-04 10:55

Public disclosure: 2012-10-04 10:55

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: vendor could not be reached, or vendor actively ignored the report

Source: http://www.wooyun.org; for questions or help contact [email protected]

Tags:



Vulnerability details

Disclosure status:

2012-08-20: actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed publicly
2012-10-04: the vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

SQL injection in the 悦已女性网 admin back end

Detailed description:

http://bg.self.com.cn/admin/
The login form at this URL is vulnerable to SQL injection.

Proof of vulnerability:

Database: selfcms_0617
[53 tables]
+---------------------------------------+
| interface_pushdata |
| interface_ucdata |
| iphone_ad |
| iphone_app |
| iphone_cat |
| iphone_catbind |
| iphone_news |
| iphone_news_pic |
| news_backup |
| news_btest |
| news_btestlist |
| news_btestrconf |
| news_btestresult |
| news_btesttitle |
| news_bvote |
| news_bvotelist |
| news_bvoteresult |
| news_bvotetext |
| news_bvotetitle |
| news_cat |
| news_click |
| news_collect |
| news_comment |
| news_gallery |
| news_gallerybackup |
| news_good |
| news_link |
| news_linkcat |
| news_list |
| news_pic |
| news_publish |
| news_relation |
| news_sorelation |
| news_source |
| news_tagorder |
| news_tagorderbak |
| news_taguser |
| news_temptag |
| news_temptagorder |
| news_temptagorderbak |
| news_type |
| sys_log |
| sys_model |
| sys_relation |
| sys_role |
| sys_safe |
| sys_sessions |
| sys_user |
| t_blog |
| t_home |
| wap_cat |
| wap_catbind |
| wap_news |
+---------------------------------------+
Database: selfibeauty
[7 tables]
+---------------------------------------+
| ibeauty2012_answer |
| ibeauty2012_brand |
| ibeauty2012_cat |
| ibeauty2012_cookie |
| ibeauty2012_product |
| ibeauty2012_success |
| ibeauty2012_user |
+---------------------------------------+
Database: selfcms
[53 tables]
+---------------------------------------+
| interface_pushdata |
| interface_ucdata |
| iphone_ad |
| iphone_app |
| iphone_cat |
| iphone_catbind |
| iphone_news |
| iphone_news_pic |
| news_backup |
| news_btest |
| news_btestlist |
| news_btestrconf |
| news_btestresult |
| news_btesttitle |
| news_bvote |
| news_bvotelist |
| news_bvoteresult |
| news_bvotetext |
| news_bvotetitle |
| news_cat |
| news_click |
| news_collect |
| news_comment |
| news_gallery |
| news_gallerybackup |
| news_good |
| news_link |
| news_linkcat |
| news_list |
| news_pic |
| news_publish |
| news_relation |
| news_sorelation |
| news_source |
| news_tagorder |
| news_tagorderbak |
| news_taguser |
| news_temptag |
| news_temptagorder |
| news_temptagorderbak |
| news_type |
| sys_log |
| sys_model |
| sys_relation |
| sys_role |
| sys_safe |
| sys_sessions |
| sys_user |
| t_blog |
| t_home |
| wap_cat |
| wap_catbind |
| wap_news |
+---------------------------------------+
Database: information_schema
[37 tables]
+---------------------------------------+
| CHARACTER_SETS |
| COLLATIONS |
| COLLATION_CHARACTER_SET_APPLICABILITY |
| COLUMNS |
| COLUMN_PRIVILEGES |
| ENGINES |
| EVENTS |
| FILES |
| GLOBAL_STATUS |
| GLOBAL_VARIABLES |
| INNODB_CMP |
| INNODB_CMPMEM |
| INNODB_CMPMEM_RESET |
| INNODB_CMP_RESET |
| INNODB_LOCKS |
| INNODB_LOCK_WAITS |
| INNODB_TRX |
| KEY_COLUMN_USAGE |
| PARAMETERS |
| PARTITIONS |
| PLUGINS |
| PROCESSLIST |
| PROFILING |
| REFERENTIAL_CONSTRAINTS |
| ROUTINES |
| SCHEMATA |
| SCHEMA_PRIVILEGES |
| SESSION_STATUS |
| SESSION_VARIABLES |
| STATISTICS |
| TABLES |
| TABLESPACES |
| TABLE_CONSTRAINTS |
| TABLE_PRIVILEGES |
| TRIGGERS |
| USER_PRIVILEGES |
| VIEWS |
+---------------------------------------+

Fix recommendation:

Filter the input.
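The report only says "filter the input"; the defect behind a login-form injection like this one is a query assembled from the submitted username by string concatenation, and the reliable fix is a parameterised query rather than ad-hoc filtering. The following is an added illustration, not code from the report or from the affected CMS: it uses an in-memory SQLite table named after the `sys_user` table seen in the dump, with constructed credentials, and contrasts the concatenated query with the parameterised one.

```python
import hashlib
import sqlite3


def build_db():
    # Constructed sample data (not from the report): a stand-in for the
    # CMS's sys_user table, with one admin account in an in-memory database.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE sys_user (username TEXT, pwhash TEXT)")
    conn.execute("INSERT INTO sys_user VALUES (?, ?)",
                 ("admin", hashlib.sha256(b"correct-horse").hexdigest()))
    conn.commit()
    return conn


def _hash(password):
    # Plain SHA-256 stands in for whatever the CMS uses; a real system should
    # use a salted, slow password hash. The injection point is the username.
    return hashlib.sha256(password.encode()).hexdigest()


def login_vulnerable(conn, username, password):
    # The submitted username is spliced into the SQL text, so a quote inside
    # it ends the string literal and the rest of the input is parsed as SQL.
    sql = ("SELECT username FROM sys_user WHERE username = '" + username
           + "' AND pwhash = '" + _hash(password) + "'")
    return conn.execute(sql).fetchone() is not None


def login_fixed(conn, username, password):
    # Parameterised query: the driver passes username and hash as data
    # values, never as part of the statement, so quotes cannot change it.
    row = conn.execute(
        "SELECT username FROM sys_user WHERE username = ? AND pwhash = ?",
        (username, _hash(password)),
    ).fetchone()
    return row is not None


if __name__ == "__main__":
    db = build_db()
    # Textbook test input: a quote closes the literal and "--" comments out
    # the password check, so the vulnerable query ignores the password.
    probe = "admin' --"
    print("vulnerable:", login_vulnerable(db, probe, "wrong"))  # True
    print("fixed:     ", login_fixed(db, probe, "wrong"))       # False
```

The same probe is a useful regression test for the fixed login handler: it must return False while the real credentials still return True.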

Copyright notice: when reposting, credit the source: zhk@乌云


Vulnerability responses

Vendor response:

Vendor could not be reached, or vendor actively declined.


Vulnerability rating:

Comments

  1. 2012-08-21 17:37 | Vty ( Regular white hat | Rank:199 Vulnerabilities:37 )

    The back end has a CAPTCHA, so how did you inject? Yet another manual-injection master, working through it by hand one request at a time.

  2. 2012-08-21 20:27 | Viigoss ( Intern white hat | Rank:36 Vulnerabilities:5 | viigoss)

    It's a POST form; if you want to get in, does it need injection?

  3. 2012-08-22 09:37 | Vty ( Regular white hat | Rank:199 Vulnerabilities:37 )

    @Viigoss Someone bypassed it yesterday.