漏洞详情

披露状态:

2014-02-28: 细节已通知厂商并且等待厂商处理中
2014-03-05: 厂商已经确认,细节仅向厂商公开
2014-03-15: 细节向核心白帽子及相关领域专家公开
2014-03-25: 细节向普通白帽子公开
2014-04-04: 细节向实习白帽子公开
2014-04-14: 细节向公众公开

简要描述:

168个不重复的织梦SQL注入漏洞,dedecms太恐怖了。

详细说明:

http://www.abingjs.com  UserName:admin  MD5:3e7a64d84683d218
http://www.sunnyi.cn UserName:kicshop7356 MD5:0d735d1d077e5e24
http://www.duhoo.net UserName:admin MD5:a7389ec9ad889c29
http://www.0731jkj.com UserName:xzs MD5:fcec6c9ff7085e39
http://www.dailysilver.org UserName:admin MD5:86c7fbcd6ecf5109
http://www.zgwhzsh.com UserName:yangyinghao1986 MD5:6e15b19a4038f470
http://www.2h2d.com.tw UserName:xiangge MD5:b1827488e9f7eff2
http://www.mobage.tw UserName:admin MD5:96b405ddbdad8f74
http://www.emxinc.cn UserName:admin MD5:e18b5117f85a6346
http://www.sdjgj.gov.cn UserName:admin MD5:14d9995171425f42
http://www.makkee.com.hk UserName:admin MD5:7a57a5a743894a0e
http://www.szgt.gov.cn UserName:admin MD5:b93a0dc3b77e2c3f
http://www.tpdmacao.org UserName:admin MD5:6ea6b7fa02701b1e
http://www.scncpa-l-tax.gov.cn UserName:admin MD5:14867e1ed882aac2
http://www.xjcare.com UserName:admin MD5:8bc0d65d453b6f23
http://www.p-expo.com UserName:zhsp MD5:1e1d244ffb13f2e6
http://www.jshuabo.com UserName:admin MD5:049c26fd1a481a7d
http://www.tzfeilu.com UserName:tzgly MD5:7a57a5a743894a0e
http://www.annoroad.com UserName:admin MD5:7136b455e18b5e2c
http://www.jnwater.com.cn UserName:jnwater MD5:8e471f1a0b8440ad
http://sdjn.evergrande.com UserName:admin MD5:3a416e73140f2d19
http://www.cbfq.cn UserName:admin MD5:f9b98be32100c3a1
http://bjuu.xdf.cn UserName:admin MD5:d2e917195d57a8b8
http://www.cautism.com UserName:kangda MD5:0e0b2e56dc5d5905
http://www.amt.com.cn UserName:admin MD5:ec411cb0044be977
http://www.d-heaven.com UserName:cmsadmin MD5:50ea5839b500fd74
http://nsca-shanghai.com.cn UserName:admin MD5:bc356ff2d42e0dcf
http://www.zmnedu.com UserName:admin MD5:7925a2c5b49147ff
http://www.cis-expo.com UserName:admin MD5:59c5e1d09a804986
http://www.zoyue.com UserName:chinawwhb MD5:df5ab255f3c91ae5
http://www.ugitc.com UserName:admin MD5:a7a0bd9ef71d8cf9
http://www.eb5yimin.com UserName:yimin MD5:12b0fa625f9c6733
http://www.gzptly.com UserName:cncolour MD5:4d7191e8c276e745
http://www.weilanshi.com UserName:admin MD5:571e55e4f3544600
http://www.jsjyha.com UserName:admin MD5:c10beb229a472662
http://www.the9edu.com UserName:admin MD5:b2b4dcab418c486b
http://www.csc114.com UserName:admin MD5:fc74c3c9621715ba
http://www.cnasthma.com UserName:nahan MD5:c831b04de153469d
http://old.5tv.com.cn UserName:admin MD5:67ac90f8b98ab4b8
http://www.fanstour.com UserName:zhf@ MD5:95de932938d9a947
http://www.yfzdc.com UserName:admin MD5:28c460b82f54fb43
http://www.astv.com.cn UserName:admin MD5:6901773399d581a7
http://www.ginzza.net UserName:teqhost MD5:9ebb052280d37ccd
http://www.habc.org.cn UserName:habc MD5:469e80d32c0559f8
http://www.gdsme.org UserName:admin MD5:534232ee8a562849
http://www.bdwsj.gov.cn UserName:admin MD5:1456b237f44533a0
http://fzone.oushinet.com UserName:admin MD5:45e3f273326e4ea3
http://www.kidney-cares.org UserName:administrator MD5:3b407eafc243a082
http://www.dbond.net UserName:chuming MD5:6ba60d779d0aebbb
http://www.hnsbxh.org UserName:abc MD5:5e55395d57dc3f8a
http://www.imwchina.com UserName:admin MD5:d1e9b30508e63064
http://www.dgtoyota.com UserName:myadmin MD5:65914e6f8121f88c
http://www.daojiayouxue.com UserName:admin MD5:b9a0f64d09f6ab68
http://www.yxlw.org UserName:cdgadmin MD5:d08214e252decf49
http://www.trust-trust.com UserName:stadmin1 MD5:79558095a64eb822
http://www.simon-sh.com UserName:webadmin MD5:e139be103324d04d
http://www.forhead.org UserName:admin MD5:69b1e3ec2f699258
http://www.wssng.com UserName:admin MD5:bfb709dd58931f5f
http://www.lzmcwx.com UserName:admin MD5:4b88cd2afde80fd2
http://www.hrzh.org UserName:admin MD5:ac8fc472994386de
http://grandmarkrealty.net UserName:admin MD5:786624e951f4fcbf
http://www.xbtcm.com UserName:admin MD5:9dc96c496966a7f6
http://pingnannews.com UserName:admin MD5:e2a900c259ab31e3
http://www.gzyjtoyota.com UserName:myadmin MD5:65914e6f8121f88c
http://www.cchmis.cn UserName:CcadMaster MD5:568393db540b9ad1
http://www.xzxinli.com UserName:admin MD5:4b143e089e10b1ea
http://www.uestcp.com.cn UserName:liujinsong MD5:a85340b1e913e0f7
http://www.hzxhly.gov.cn UserName:admin MD5:93e482461b714777
http://nkbayy.com UserName:admin MD5:029cf707939e886e
http://www.yz918.com UserName:xtybfgu MD5:52376ea9c7864ec8
http://hee.ctgu.edu.cn UserName:admin MD5:2745542386421305
http://www.sygdw.com UserName:sygdw MD5:291c3bb684559dfd
http://www.tongcard.net UserName:admin MD5:06150a04f5c163bb
http://www.koons.com.cn UserName:admin MD5:3996abdb71e2b508
http://www.valveyoto.com UserName:admin MD5:c1f3a636c05f8257
http://www.rw-wine.com UserName:ruiwen_com2 MD5:891715ef8ceb1f7b
http://lib.qionghai.gov.cn UserName:abc MD5:5e55395d57dc3f8a
http://www.redbudgroup.org.cn UserName:redbud_admin MD5:33b34179526e12fa
http://www.fiesta.com.hk UserName:admin MD5:204233f582152996
http://www.fzys120.com UserName:admin MD5:39ff38e667472281
http://www.duoge007.com UserName:duoge MD5:cd75f87177b6febe
http://www.jssybz.com UserName:sydw MD5:7a57a5a743894a0e
http://www.dianfei.org UserName:admin MD5:b4242280103410dd
http://zjjzc.com UserName:zjjweb MD5:464f0b3d6e2efc34
http://www.013578.com UserName:JINCHENG MD5:72c1cef643c98e3a
http://www.66663333.com UserName:admin MD5:a5c9293c54538f08
http://www.ka147.com UserName:admin MD5:11c605acc3884920
http://www.114228.com UserName:admin MD5:1fafc8de44826dcc
http://www.zikaohn.com UserName:33739321 MD5:65065adf021239e3
http://www.syygyy.com UserName:cityroom MD5:9c9105140e72c7dd
http://www.lzhxzx.net UserName:admin MD5:c768f674f3c92add
http://www.yixtnb.com UserName:admin MD5:edbe6a86266db44f
http://www.refeng.net UserName:papaya MD5:373f8e6fc6733f27
http://www.zaozhuangly.com UserName:admin MD5:49ba59abbe56e057
http://www.86123123.com UserName:admin MD5:17e72fccd326b99f
http://www.zdhbo.com UserName:admin MD5:7652bd870b7cecb0
http://www.sccj6.com UserName:admin MD5:1a4224be9e6c0b72
http://www.yaosuanteng.com UserName:mafeng MD5:8bd3e402498dce41
http://www.086kqw.com UserName:admin MD5:5b16336c3d67ba49
http://www.yotolo.com UserName:tujyce MD5:03d53c9a2395b002
http://www.tmwh.com UserName:admin MD5:164dbb260505c63d
http://www.goozjj.com UserName:admin MD5:b43a54b73b6a221f
http://www.hyzhengxing.com UserName:admin MD5:e32ec5c3f5a117b4
http://www.bjbaoye.com UserName:byadmin MD5:3a2cd1a22cea1640
http://www.bjchmnw.com UserName:admin MD5:3bae929f37819e58
http://www.biantawang.com UserName:mym MD5:f200218ff5285ab0
http://www.dgxxw.net UserName:hbpeixun MD5:576e62b2d91c7470
http://www.naisee.com UserName:cgaga MD5:3f1126d1e89c3eed
http://dhaow.com UserName:admin MD5:7a57a5a743894a0e
http://zuimeijia.com UserName:admin MD5:f615b40fd9022ef0
http://www.516diy.com UserName:zhoucheng MD5:c6139c908de4a604
http://www.gxbyby.com UserName:admin MD5:deef630e71f718d9
http://www.siyin123.com UserName:admin MD5:eb853cd377ff4934
http://www.yingqin.org UserName:yingwenhua MD5:49ba59abbe56e057
http://www.losewz.com UserName:admin MD5:13d2f30b108c3f8c
http://www.021shangbiao.com UserName:admin MD5:5a55685595a72b2c
http://www.xinkegbyy.com UserName:admin MD5:2ce4a75eb264485b
http://www.sh414.com UserName:shenekin MD5:247c7fb160a440dd
http://www.shiyoupeixun.com UserName:mqzhqf MD5:25c1daccb05322d6
http://www.hxxt.cn UserName:admin MD5:a24cfb649f754bb0
http://www.nm18.com UserName:apider MD5:4efe0b194e966523
http://www.tao1638.com UserName:admin MD5:7a57a5a743894a0e
http://www.tailum.com UserName:admin MD5:ad961b25c9b37e7f
http://www.tsgbyy.com UserName:admin MD5:49ba59abbe56e057
http://www.mydcj.com UserName:bianhy MD5:39576dd3c96ed626
http://www.120xd.com UserName:admin MD5:13955235245b2497
http://www.renliu365.com UserName:0779admin MD5:ade0ca12790eb95c
http://www.028chuzhou.com UserName:admin MD5:f1ee5a1be7bb4fe8
http://www.tiandily.com UserName:tiandily2010 MD5:f5facda10893b2e2
http://www.zgditan.com UserName:admin MD5:f74ec646b7890896
http://cn.west.travel UserName:admin MD5:bfa64cbcea931592
http://www.5k58.com UserName:my_admin MD5:63d4b32999ceb403
http://www.ynguzhen.com UserName:admin MD5:da7de4810c96042f
http://www.tjbfyy.com UserName:admin MD5:e338c11d91a56de5
http://www.17jzg.com UserName:admin MD5:3f53f9fc4e1b51ca
http://www.catholic.cd UserName:admin MD5:335cc2acb8ce87fb
http://www.ziweifu.com UserName:leadcom MD5:37a7ce29dc602a59
http://www.jpxf.com UserName:admin MD5:005bf9a430660367
http://www.dipujie.com UserName:admin MD5:7a57a5a743894a0e
http://www.gk116.cn UserName:admin MD5:f920ca1c9f9a5ec8
http://www.hep6.com UserName:admin MD5:3075dcad135e26cd
http://www.mbzhan.com UserName:admin MD5:affaa0cca5eecba7
http://www.jzmoban.com UserName:admin MD5:bc5d348b09b42fad
http://www.bdfch.com UserName:admin MD5:a0f32b688a015346
http://www.5loveb.com UserName:admin MD5:b9f1e3d940d5aa12
http://www.youkeyou.com UserName:fanren MD5:b9e2e489de343173
http://www.sdzsxx.net UserName:admin MD5:9e2b8eae02a5606b
http://www.119cumt.com UserName:admin MD5:b02759daf7814712
http://www.51ou.com UserName:adminsswqzxdede51oucom MD5:ad32fb0f66e2f3ad
http://www.maomaome.com UserName:admin MD5:be27139e41c93cab
http://news.xuejiqiao.com UserName:admin MD5:d94a6ea252fd0165
http://www.hxlaa.com UserName:xiao MD5:6b41eb2011dcf129
http://www.zz1x.com UserName:btao24 MD5:24656dcb484a04b2
http://www.525222.com UserName:lotus MD5:1c9b9131355627bc
http://www.shouwutang.com UserName:admin MD5:4394dda586a2b734
http://202.196.33.231 UserName:yxz MD5:293f3c88011d98e6
http://www.qbzjw.org UserName:admin MD5:e2695f8bed7ea430
http://www.mtksj.com UserName:youzhibin MD5:9a3eecebbaee7162
http://www.ajzw.gov.cn UserName:admin MD5:0e1b2a7b1edad7bc
http://www.hrbcct.com UserName:Fabu MD5:8a6107e9574674cc08dbe6b43b43
http://www.52bus.com UserName:admin MD5:9716bbd9f69b4582
http://www.robotain.com UserName:robotain MD5:dab90ff1f6b416f1
http://www.justds.com UserName:admin MD5:87561d5afa5ba709
http://www.cnyako.com UserName:didi8765 MD5:a7d6fe7baaff92f9
http://www.chromegame.org UserName:admin_Game@123 MD5:34471f652c9ef6bd
http://www.tgindt.com UserName:admin MD5:fab11a8a46bc41a5
http://www.gzhifi.com UserName:admin MD5:c262973e4f9d8fbe
http://www.chinajianyang.com UserName:admin MD5:be692a77e34d959c

漏洞证明:

http://www.abingjs.com  UserName:admin  MD5:3e7a64d84683d218
http://www.sunnyi.cn UserName:kicshop7356 MD5:0d735d1d077e5e24
http://www.duhoo.net UserName:admin MD5:a7389ec9ad889c29
http://www.0731jkj.com UserName:xzs MD5:fcec6c9ff7085e39
http://www.dailysilver.org UserName:admin MD5:86c7fbcd6ecf5109
http://www.zgwhzsh.com UserName:yangyinghao1986 MD5:6e15b19a4038f470
http://www.2h2d.com.tw UserName:xiangge MD5:b1827488e9f7eff2
http://www.mobage.tw UserName:admin MD5:96b405ddbdad8f74
http://www.emxinc.cn UserName:admin MD5:e18b5117f85a6346
http://www.sdjgj.gov.cn UserName:admin MD5:14d9995171425f42
http://www.makkee.com.hk UserName:admin MD5:7a57a5a743894a0e
http://www.szgt.gov.cn UserName:admin MD5:b93a0dc3b77e2c3f
http://www.tpdmacao.org UserName:admin MD5:6ea6b7fa02701b1e
http://www.scncpa-l-tax.gov.cn UserName:admin MD5:14867e1ed882aac2
http://www.xjcare.com UserName:admin MD5:8bc0d65d453b6f23
http://www.p-expo.com UserName:zhsp MD5:1e1d244ffb13f2e6
http://www.jshuabo.com UserName:admin MD5:049c26fd1a481a7d
http://www.tzfeilu.com UserName:tzgly MD5:7a57a5a743894a0e
http://www.annoroad.com UserName:admin MD5:7136b455e18b5e2c
http://www.jnwater.com.cn UserName:jnwater MD5:8e471f1a0b8440ad
http://sdjn.evergrande.com UserName:admin MD5:3a416e73140f2d19
http://www.cbfq.cn UserName:admin MD5:f9b98be32100c3a1
http://bjuu.xdf.cn UserName:admin MD5:d2e917195d57a8b8
http://www.cautism.com UserName:kangda MD5:0e0b2e56dc5d5905
http://www.amt.com.cn UserName:admin MD5:ec411cb0044be977
http://www.d-heaven.com UserName:cmsadmin MD5:50ea5839b500fd74
http://nsca-shanghai.com.cn UserName:admin MD5:bc356ff2d42e0dcf
http://www.zmnedu.com UserName:admin MD5:7925a2c5b49147ff
http://www.cis-expo.com UserName:admin MD5:59c5e1d09a804986
http://www.zoyue.com UserName:chinawwhb MD5:df5ab255f3c91ae5
http://www.ugitc.com UserName:admin MD5:a7a0bd9ef71d8cf9
http://www.eb5yimin.com UserName:yimin MD5:12b0fa625f9c6733
http://www.gzptly.com UserName:cncolour MD5:4d7191e8c276e745
http://www.weilanshi.com UserName:admin MD5:571e55e4f3544600
http://www.jsjyha.com UserName:admin MD5:c10beb229a472662
http://www.the9edu.com UserName:admin MD5:b2b4dcab418c486b
http://www.csc114.com UserName:admin MD5:fc74c3c9621715ba
http://www.cnasthma.com UserName:nahan MD5:c831b04de153469d
http://old.5tv.com.cn UserName:admin MD5:67ac90f8b98ab4b8
http://www.fanstour.com UserName:zhf@ MD5:95de932938d9a947
http://www.yfzdc.com UserName:admin MD5:28c460b82f54fb43
http://www.astv.com.cn UserName:admin MD5:6901773399d581a7
http://www.ginzza.net UserName:teqhost MD5:9ebb052280d37ccd
http://www.habc.org.cn UserName:habc MD5:469e80d32c0559f8
http://www.gdsme.org UserName:admin MD5:534232ee8a562849
http://www.bdwsj.gov.cn UserName:admin MD5:1456b237f44533a0
http://fzone.oushinet.com UserName:admin MD5:45e3f273326e4ea3
http://www.kidney-cares.org UserName:administrator MD5:3b407eafc243a082
http://www.dbond.net UserName:chuming MD5:6ba60d779d0aebbb
http://www.hnsbxh.org UserName:abc MD5:5e55395d57dc3f8a
http://www.imwchina.com UserName:admin MD5:d1e9b30508e63064
http://www.dgtoyota.com UserName:myadmin MD5:65914e6f8121f88c
http://www.daojiayouxue.com UserName:admin MD5:b9a0f64d09f6ab68
http://www.yxlw.org UserName:cdgadmin MD5:d08214e252decf49
http://www.trust-trust.com UserName:stadmin1 MD5:79558095a64eb822
http://www.simon-sh.com UserName:webadmin MD5:e139be103324d04d
http://www.forhead.org UserName:admin MD5:69b1e3ec2f699258
http://www.wssng.com UserName:admin MD5:bfb709dd58931f5f
http://www.lzmcwx.com UserName:admin MD5:4b88cd2afde80fd2
http://www.hrzh.org UserName:admin MD5:ac8fc472994386de
http://grandmarkrealty.net UserName:admin MD5:786624e951f4fcbf
http://www.xbtcm.com UserName:admin MD5:9dc96c496966a7f6
http://pingnannews.com UserName:admin MD5:e2a900c259ab31e3
http://www.gzyjtoyota.com UserName:myadmin MD5:65914e6f8121f88c
http://www.cchmis.cn UserName:CcadMaster MD5:568393db540b9ad1
http://www.xzxinli.com UserName:admin MD5:4b143e089e10b1ea
http://www.uestcp.com.cn UserName:liujinsong MD5:a85340b1e913e0f7
http://www.hzxhly.gov.cn UserName:admin MD5:93e482461b714777
http://nkbayy.com UserName:admin MD5:029cf707939e886e
http://www.yz918.com UserName:xtybfgu MD5:52376ea9c7864ec8
http://hee.ctgu.edu.cn UserName:admin MD5:2745542386421305
http://www.sygdw.com UserName:sygdw MD5:291c3bb684559dfd
http://www.tongcard.net UserName:admin MD5:06150a04f5c163bb
http://www.koons.com.cn UserName:admin MD5:3996abdb71e2b508
http://www.valveyoto.com UserName:admin MD5:c1f3a636c05f8257
http://www.rw-wine.com UserName:ruiwen_com2 MD5:891715ef8ceb1f7b
http://lib.qionghai.gov.cn UserName:abc MD5:5e55395d57dc3f8a
http://www.redbudgroup.org.cn UserName:redbud_admin MD5:33b34179526e12fa
http://www.fiesta.com.hk UserName:admin MD5:204233f582152996
http://www.fzys120.com UserName:admin MD5:39ff38e667472281
http://www.duoge007.com UserName:duoge MD5:cd75f87177b6febe
http://www.jssybz.com UserName:sydw MD5:7a57a5a743894a0e
http://www.dianfei.org UserName:admin MD5:b4242280103410dd
http://zjjzc.com UserName:zjjweb MD5:464f0b3d6e2efc34
http://www.013578.com UserName:JINCHENG MD5:72c1cef643c98e3a
http://www.66663333.com UserName:admin MD5:a5c9293c54538f08
http://www.ka147.com UserName:admin MD5:11c605acc3884920
http://www.114228.com UserName:admin MD5:1fafc8de44826dcc
http://www.zikaohn.com UserName:33739321 MD5:65065adf021239e3
http://www.syygyy.com UserName:cityroom MD5:9c9105140e72c7dd
http://www.lzhxzx.net UserName:admin MD5:c768f674f3c92add
http://www.yixtnb.com UserName:admin MD5:edbe6a86266db44f
http://www.refeng.net UserName:papaya MD5:373f8e6fc6733f27
http://www.zaozhuangly.com UserName:admin MD5:49ba59abbe56e057
http://www.86123123.com UserName:admin MD5:17e72fccd326b99f
http://www.zdhbo.com UserName:admin MD5:7652bd870b7cecb0
http://www.sccj6.com UserName:admin MD5:1a4224be9e6c0b72
http://www.yaosuanteng.com UserName:mafeng MD5:8bd3e402498dce41
http://www.086kqw.com UserName:admin MD5:5b16336c3d67ba49
http://www.yotolo.com UserName:tujyce MD5:03d53c9a2395b002
http://www.tmwh.com UserName:admin MD5:164dbb260505c63d
http://www.goozjj.com UserName:admin MD5:b43a54b73b6a221f
http://www.hyzhengxing.com UserName:admin MD5:e32ec5c3f5a117b4
http://www.bjbaoye.com UserName:byadmin MD5:3a2cd1a22cea1640
http://www.bjchmnw.com UserName:admin MD5:3bae929f37819e58
http://www.biantawang.com UserName:mym MD5:f200218ff5285ab0
http://www.dgxxw.net UserName:hbpeixun MD5:576e62b2d91c7470
http://www.naisee.com UserName:cgaga MD5:3f1126d1e89c3eed
http://dhaow.com UserName:admin MD5:7a57a5a743894a0e
http://zuimeijia.com UserName:admin MD5:f615b40fd9022ef0
http://www.516diy.com UserName:zhoucheng MD5:c6139c908de4a604
http://www.gxbyby.com UserName:admin MD5:deef630e71f718d9
http://www.siyin123.com UserName:admin MD5:eb853cd377ff4934
http://www.yingqin.org UserName:yingwenhua MD5:49ba59abbe56e057
http://www.losewz.com UserName:admin MD5:13d2f30b108c3f8c
http://www.021shangbiao.com UserName:admin MD5:5a55685595a72b2c
http://www.xinkegbyy.com UserName:admin MD5:2ce4a75eb264485b
http://www.sh414.com UserName:shenekin MD5:247c7fb160a440dd
http://www.shiyoupeixun.com UserName:mqzhqf MD5:25c1daccb05322d6
http://www.hxxt.cn UserName:admin MD5:a24cfb649f754bb0
http://www.nm18.com UserName:apider MD5:4efe0b194e966523
http://www.tao1638.com UserName:admin MD5:7a57a5a743894a0e
http://www.tailum.com UserName:admin MD5:ad961b25c9b37e7f
http://www.tsgbyy.com UserName:admin MD5:49ba59abbe56e057
http://www.mydcj.com UserName:bianhy MD5:39576dd3c96ed626
http://www.120xd.com UserName:admin MD5:13955235245b2497
http://www.renliu365.com UserName:0779admin MD5:ade0ca12790eb95c
http://www.028chuzhou.com UserName:admin MD5:f1ee5a1be7bb4fe8
http://www.tiandily.com UserName:tiandily2010 MD5:f5facda10893b2e2
http://www.zgditan.com UserName:admin MD5:f74ec646b7890896
http://cn.west.travel UserName:admin MD5:bfa64cbcea931592
http://www.5k58.com UserName:my_admin MD5:63d4b32999ceb403
http://www.ynguzhen.com UserName:admin MD5:da7de4810c96042f
http://www.tjbfyy.com UserName:admin MD5:e338c11d91a56de5
http://www.17jzg.com UserName:admin MD5:3f53f9fc4e1b51ca
http://www.catholic.cd UserName:admin MD5:335cc2acb8ce87fb
http://www.ziweifu.com UserName:leadcom MD5:37a7ce29dc602a59
http://www.jpxf.com UserName:admin MD5:005bf9a430660367
http://www.dipujie.com UserName:admin MD5:7a57a5a743894a0e
http://www.gk116.cn UserName:admin MD5:f920ca1c9f9a5ec8
http://www.hep6.com UserName:admin MD5:3075dcad135e26cd
http://www.mbzhan.com UserName:admin MD5:affaa0cca5eecba7
http://www.jzmoban.com UserName:admin MD5:bc5d348b09b42fad
http://www.bdfch.com UserName:admin MD5:a0f32b688a015346
http://www.5loveb.com UserName:admin MD5:b9f1e3d940d5aa12
http://www.youkeyou.com UserName:fanren MD5:b9e2e489de343173
http://www.sdzsxx.net UserName:admin MD5:9e2b8eae02a5606b
http://www.119cumt.com UserName:admin MD5:b02759daf7814712
http://www.51ou.com UserName:adminsswqzxdede51oucom MD5:ad32fb0f66e2f3ad
http://www.maomaome.com UserName:admin MD5:be27139e41c93cab
http://news.xuejiqiao.com UserName:admin MD5:d94a6ea252fd0165
http://www.hxlaa.com UserName:xiao MD5:6b41eb2011dcf129
http://www.zz1x.com UserName:btao24 MD5:24656dcb484a04b2
http://www.525222.com UserName:lotus MD5:1c9b9131355627bc
http://www.shouwutang.com UserName:admin MD5:4394dda586a2b734
http://202.196.33.231 UserName:yxz MD5:293f3c88011d98e6
http://www.qbzjw.org UserName:admin MD5:e2695f8bed7ea430
http://www.mtksj.com UserName:youzhibin MD5:9a3eecebbaee7162
http://www.ajzw.gov.cn UserName:admin MD5:0e1b2a7b1edad7bc
http://www.hrbcct.com UserName:Fabu MD5:8a6107e9574674cc08dbe6b43b43
http://www.52bus.com UserName:admin MD5:9716bbd9f69b4582
http://www.robotain.com UserName:robotain MD5:dab90ff1f6b416f1
http://www.justds.com UserName:admin MD5:87561d5afa5ba709
http://www.cnyako.com UserName:didi8765 MD5:a7d6fe7baaff92f9
http://www.chromegame.org UserName:admin_Game@123 MD5:34471f652c9ef6bd
http://www.tgindt.com UserName:admin MD5:fab11a8a46bc41a5
http://www.gzhifi.com UserName:admin MD5:c262973e4f9d8fbe
http://www.chinajianyang.com UserName:admin MD5:be692a77e34d959c

修复方案:

版权声明:转载请注明来源 我来找快乐@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:20

确认时间:2014-03-05 09:38

厂商回复:

CNVD确认并复现所述情况,根据测试用例,已经转由CNCERT通过对应省份分中心下发,同时已经组织全国分中心验证和处置涉及本省的政府网站案例。按通用软件漏洞案例进行评分,rank 20+

如果白帽子有基于主动式检测(非google hack)的识别方法,也请进一步告知,以便CNCERT做好全互联网的应急工作。

最新状态:

暂无


漏洞评价: