2015-07-14: 细节已通知厂商并且等待厂商处理中 2015-07-14: 厂商已经确认,细节仅向厂商公开 2015-07-24: 细节向核心白帽子及相关领域专家公开 2015-08-03: 细节向普通白帽子公开 2015-08-13: 细节向实习白帽子公开 2015-08-28: 细节向公众公开
一个是主站git信息泄露 另一个是管理后台SVN泄露 http://mimi.spriteapp.com/.svn/entries http://spriteapp.com/.git/config
全部数据库信息:
cache'=>array( 'class'=>'system.caching.CMemCache', 'servers'=>array( array('host'=>'192.168.133.84', 'port'=>11211), array('host'=>'192.168.133.231', 'port'=>11211), ), 'keyPrefix' => '', 'hashKey' => false, 'serializer' => false ), 'cache_mi'=>array( 'class'=>'system.caching.CMemCache', 'servers'=>array( array('host'=>'192.168.133.67', 'port'=>11211), ), 'keyPrefix' => '', 'hashKey' => false, 'serializer' => false ), 'redis'=>array( 'class'=>'system.caching.CRedisCache', 'servers'=>array( array('host'=>'192.168.133.91', 'port'=>6179), ), ), 'redis_voice'=>array( 'class'=>'system.caching.CRedisCache', 'servers'=>array( array('host'=>'192.168.133.249', 'port'=>6079,'password'=>'85fsv#wgJmLgJQhyQfsyOJ11l1xiG3XZ'), ), ), //wangweifeng add redis_video 'redis_video'=>array( 'class'=>'system.caching.CRedisCache', 'servers'=>array( array('host'=>'192.168.133.249', 'port'=>6079,'password'=>'85fsv#wgJmLgJQhyQfsyOJ11l1xiG3XZ'), ), ), 'redis_mi'=>array( 'class'=>'system.caching.CRedisCache', 'servers'=>array( // array('host'=>'192.168.133.92', 'port'=>7579), array('host'=>'192.168.133.67', 'port'=>6279,'password'=>'85fsv#wgJmLgJQhyQfsyOJ11l1xiG3XZ'), ), ), /* 'db'=>array( 'connectionString' => 'sqlite:'.dirname(__FILE__).'/../data/testdrive.db', ), */ // uncomment the following to use a MySQL database 'db'=>array( 'connectionString' => 'mysql:host=cool.jie.c;port=3344;dbname=jie', 'emulatePrepare' => true, 'username' => 'reborn', 'password' => 'newlife', 'charset' => 'utf8', ), 'mi_db'=>array( 'connectionString' => 'mysql:host=192.168.133.67;port=3322;dbname=mimi', 'emulatePrepare' => true, 'username' => 'reborn', 'password' => 'newlife', 'charset' => 'utf8', 'class' => 'CDbConnection', ), 'mi_cms_db'=>array( 'connectionString' => 'mysql:host=db2.jie.c;port=3311;dbname=mi_data', 'emulatePrepare' => true, 'username' => 'heyz', 'password' => 'heyzmysql2011', 'charset' => 'utf8', 'class' => 'CDbConnection', ), 'jie_cms_db'=>array( 'connectionString' => 'mysql:host=db1.jie.c;port=3310;dbname=jie_data', 'emulatePrepare' => true, 'username' => 'heyz', 'password' => 'heyzmysql2011', 'charset' => 'utf8', 'class' => 'CDbConnection', ), 'mi_auto_db'=>array( 'connectionString' => 'mysql:host=db2.jie.c;port=3311;dbname=sys_info', 'emulatePrepare' => true, 'username' => 'heyz', 'password' => 'heyzmysql2011', 'charset' => 'utf8', 'class' => 'CDbConnection', ), 'jie_auto_db'=>array( 'connectionString' => 'mysql:host=db1.jie.c;port=3310;dbname=sys_info', 'emulatePrepare' => true, 'username' => 'heyz', 'password' => 'heyzmysql2011', 'charset' => 'utf8', 'class' => 'CDbConnection', ), 'jie_msg_db'=>array( 'connectionString' => 'mysql:host=cool;port=3344;dbname=jie', 'emulatePrepare' => true, 'username' => 'reborn', 'password' => 'newlife', 'charset' => 'utf8', 'class' => 'CDbConnection', ), 'mi_msg_db'=>array( 'connectionString' => 'mysql:host=192.168.133.67;port=3322;dbname=mimi', 'emulatePrepare' => true, 'username' => 'reborn', 'password' => 'newlife', 'charset' => 'utf8', 'class' => 'CDbConnection', ), 'open_mi_db'=>array( 'connectionString' => 'mysql:host=192.168.133.230;port=3310;dbname=admin', 'emulatePrepare' => true, 'username' => 'heyz', 'password' => 'heyzmysql2011', 'charset' => 'utf8', 'class' => 'CDbConnection', ), 'operate_log'=>array( 'connectionString' => 'mysql:host=192.168.133.230;port=3310;dbname=cron', 'emulatePrepare' => true, 'username' => 'heyz', 'password' => 'heyzmysql2011', 'charset' => 'utf8', 'class' => 'CDbConnection',
<?php$config['config_db'] =array( "user" => "heyz", "password" => "heyzmysql2011", "dsn" => "mysql:host=192.168.133.230;port=3310;dbname=config");$config['redis'] = array( "servers" => "192.168.133.183:6079", "password" => "85fsv#wgJmLgJQhyQfsyOJ11l1xiG3XZ", );$config['redis_conf_key'] = "config_hash_";$config['bg_voice_key'] = 'v_s_bglist';$config['voice_db'] =array( "user" => "reborn", "password" => "newlife", "dsn" => "mysql:host=cool.jie.c;port=3344;dbname=jie");$config["bvdomain"] = "http://img.spriteapp.cn";
<?php$config['redisConf'] = array('server'=>'192.168.133.183:6079', "password"=>"85fsv#wgJmLgJQhyQfsyOJ11l1xiG3XZ", );$config['key'] = '_web_flow_';$config['fg_queue_key'] = array( 'text'=>'_web_text_queue_', 'pic'=>'_web_pic_queue_', 'audio'=>'_web_audio_queue_');$config['fastdfsConf'] = array( 'voice'=>'192.168.133.85:33133', 'picture'=>'192.168.133.87:33233');$config['domain'] = array( "voice"=>"http://voice.spriteapp.com", "picture"=>"http://picture.spriteapp.com", "bvdomain"=>"http://img.spriteapp.com", "static"=>'http://sp.budejie.com',);$config['db'] = array( "user" => "reborn", "password" => "newlife", "dsn" => "mysql:host=192.168.133.68;port=3344;dbname=jie");$config['range'] = 'day';$config['comment_show_count'] = 3;
其他乱七八糟就不贴了..
危害等级:高
漏洞Rank:19
确认时间:2015-07-14 12:05
修。。。。。。
暂无
卧槽厂商,我先提交的你们怎么不确认?坑爹啊
