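Vulnerability summary

Bug ID: wooyun-2016-0200725

Vulnerability title: SQL injection in an important system of 青芒果房管家 (Qingmangguo Fangguanjia) (large data leak / 1053 tables / millions of data / tens of millions of records)

Vendor: 青芒果房管家 (Qingmangguo Fangguanjia)

Author: T0n9@X1a0J1e

Submitted: 2016-04-26 11:31

Fixed: 2016-05-05 20:40

Disclosed: 2016-05-05 20:40

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 20

Status: the vendor has been notified of the vulnerability, but the vendor ignored it

Source: http://www.wooyun.org; for questions or help, contact [email protected]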



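Vulnerability details

Disclosure status:

2016-04-26: Details sent to the vendor; waiting for the vendor to handle them
2016-05-05: The vendor actively ignored the vulnerability; details disclosed to the public

Brief description:

The magistrates may set fires, but the common people may not even light a lamp?

Detailed description:

Basically everything gets ignored, truly impressive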

qmgwy.png


Affected website:

Masked area
1.http://**.**.**/


The CAPTCHA is flawed and can be brute-forced
Login with a weak password:
hr
123456

qmg1.png


After logging in, visit the injection point

Masked area
1.http://**.**.**/modroom.aspxid=33757


qmg3.png


Database information

qmgwy1.png


Table information

Database: rest

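Proof of vulnerability:

Remediation:

Copyright notice: when reposting, please credit the source T0n9@X1a0J1e@WooYun (乌云)


Vulnerability response

Vendor response:

Severity: no impact, ignored by vendor

Ignored at: 2016-05-05 20:40

Vendor reply:

Vulnerability Rank: 17 (WooYun rating)

Latest status:

None yet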

