漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2015-0146345
漏洞标题:好老师联盟某站报错注入
相关厂商:hlslm.cn
漏洞作者: 路人甲
提交时间:2015-10-13 11:21
修复时间:2015-10-18 11:22
公开时间:2015-10-18 11:22
漏洞类型:SQL注射漏洞
危害等级:高
自评Rank:15
漏洞状态:漏洞已经通知厂商但是厂商忽略漏洞
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2015-10-13: 细节已通知厂商并且等待厂商处理中
2015-10-18: 厂商已经主动忽略漏洞,细节向公众公开
简要描述:
/**/
详细说明:
漏洞证明:
126个库
available databases [126]:
[*] 021gaokao.com
[*] 16qianjin_2013
[*] 16qianjin_2013_2
[*] 21edu
[*] 21edu1
[*] 21edu2
[*] 21eedu
[*] 51qiuxue
[*] 52eedu
[*] 52qiuxue
[*] backup
[*] bbs_52qiuxue
[*] bbs_52qiuxue20150805
[*] bbs_52qiuxue_20150703
[*] bbs_52qiuxue_20150804
[*] bbs_52qiuxue_backup20150703
[*] bfdly.com
[*] bfdly.com_new
[*] bfdly_com
[*] ceqiuxue
[*] dedecmsv57utf8sp1
[*] destoon
[*] efyingyu.com
[*] gt.52qiuxue.com
[*] hangjinxue
[*] hdm0360223_db
[*] htlx.iacliuxue.net_new
[*] huatong.cliuxue.net
[*] huatong.iacliuxue.org
[*] huatongbefoundfcom
[*] huatongbefoundfcombak
[*] huatongbefoundfcombbak
[*] ihuatong.com
[*] information_schema
[*] jh.ydyjiajiao.org
[*] jinghan.zhilife.net
[*] jinghantj.com
[*] jingrui
[*] jingrui1v1.com
[*] jr.ydyfudao.com
[*] jztjy.cn
[*] luntan
[*] luntantest1011
[*] maisiling
[*] moban_huatong
[*] my021gaokao
[*] my97today
[*] mybtxueda
[*] mycdxueda
[*] mycqxueda
[*] myczxueda
[*] mydg-seiko
[*] mydgxueda
[*] mydlxueda
[*] myfsxueda
[*] myhhhtxueda
[*] myhuizxueda
[*] mymupingwang
[*] myncxueda
[*] mynjlvying
[*] mynnxueda
[*] myshjingh
[*] mysql
[*] mysql_log
[*] mysuzxueda
[*] mytyxueda
[*] mywinnetcap
[*] mywzxueda
[*] myxmxueda
[*] myxuedacs
[*] myxyxueda
[*] myytxueda
[*] nice
[*] njlvying.com
[*] novel
[*] performance_schema
[*] phpcms
[*] ppc
[*] ppcall.befound.cn
[*] qdxueda.cn
[*] qiaowai
[*] qwiacliuxuenet
[*] ruisiyingyu.com
[*] sq_sinobm
[*] sunmax
[*] sunmaxtest
[*] szjuzhitang.com
[*] ultrax
[*] vip.befound.cn
[*] vzmer00376
[*] www.1v1buxi.net
[*] www.1v1buxi.org/huatong
[*] www.1v1buxi.org/zhongqing
[*] www.aicansi.com
[*] www.aicansi.com/huatong
[*] www.bf1v1.org
[*] www.bfdeu.com/zhongqing
[*] www.bfdeu.com/zhongqing2
[*] www.bliuxue.net
[*] www.cpbo.cn/huatong
[*] www.k12-edu.org/zhongqing
[*] www.libro.cn/huatong
[*] www.mupingwang.com
[*] www.qzj999.com/zhongqing
[*] www.sdfyme.com/huatong
[*] www.tzun.cn/zhongqing
[*] www.ydy114.org/huatong
[*] www_51fudao_org_xxq
[*] wwwchuguoyiminnet_qw
[*] wwwcnadicn_qw
[*] wwwedubuxnet
[*] wwwedupeixcom
[*] wwwedupeixcombak
[*] wwwgexingfudaonetjinghan
[*] wwwivcdcn_qiaowai
[*] wwwpcfmcn_qiaowai
[*] wwwssjzhcom_qiaowai
[*] xajuzhitang.com
[*] yuejiliuxue.com
[*] yzm_usercenter
[*] zgjhjy.zhilife.net
[*] zhishenghuo.org
[*] zjht.befoundg.com
[*] zjht.befoundg.com.bak
[*] zqsa
[*] zt00p1_db
修复方案:
版权声明:转载请注明来源 路人甲@乌云
漏洞回应
厂商回应:
危害等级:无影响厂商忽略
忽略时间:2015-10-18 11:22
厂商回复:
漏洞Rank:4 (WooYun评价)
最新状态:
暂无