锦江之星旗下某快捷酒店SQL注射

漏洞详情

披露状态:

2014-02-28: 细节已通知厂商并且等待厂商处理中
2014-03-06: 厂商已经确认,细节仅向厂商公开
2014-03-16: 细节向核心白帽子及相关领域专家公开
2014-03-26: 细节向普通白帽子公开
2014-04-05: 细节向实习白帽子公开
2014-04-14: 细节向公众公开

简要描述:

........

详细说明:

.........

漏洞证明:

http://www.bestay.com.cn/Web/Chain/ShowHotel_cj.aspx?Uid=8079  注射点

14年02月28日1736_1.png



[81 tables]
+-----------------------------------------+
| dbo.CDS_UnitRmTp |
| dbo.DN_CodeDescript |
| dbo.DN_District |
| dbo.DN_Unit |
| dbo.DN_Unit_20140120 |
| dbo.HT_CRSRmTp |
| dbo.HT_PayAccountInnHotel |
| dbo.HT_ResvApp |
| dbo.HT_UnitInfo |
| dbo.HT_UnitPosition |
| dbo.HT_UnitRmTp |
| dbo.JW_Apply |
| dbo.JW_ApplytoJoin |
| dbo.JW_BrandInfo |
| dbo.JW_BrandInfoCate |
| dbo.JW_Bus_XZ |
| dbo.JW_Bus_XZ_Hotels |
| dbo.JW_Channels |
| dbo.JW_ChefInfo |
| dbo.JW_ChefInfoCate |
| dbo.JW_CityInfo |
| dbo.JW_CityPIOData |
| dbo.JW_Collect |
| dbo.JW_CompanyLink |
| dbo.JW_CompanyLinkClass |
| dbo.JW_CountryList |
| dbo.JW_DataVersion |
| dbo.JW_Department |
| dbo.JW_DiTieXianLu |
| dbo.JW_DownLoad |
| dbo.JW_Education |
| dbo.JW_FormService |
| dbo.JW_Guest_Consultation |
| dbo.JW_Guest_HotelComment |
| dbo.JW_HotelComment |
| dbo.JW_HotelPhoto |
| dbo.JW_InfoPicture |
| dbo.JW_InnHotel_NearInfo |
| dbo.JW_JobCate |
| dbo.JW_JobPosition |
| dbo.JW_LinkCate |
| dbo.JW_Links |
| dbo.JW_MsgStatus |
| dbo.JW_NewsWeiXin |
| dbo.JW_OftenOrderHotel |
| dbo.JW_OftenOrderUser |
| dbo.JW_OperationType |
| dbo.JW_OrderBuyCard |
| dbo.JW_ProInfo |
| dbo.JW_ProInfoCate |
| dbo.JW_RecType |
| dbo.JW_ScoreClass |
| dbo.JW_ScoreTrans |
| dbo.JW_ServiceList |
| dbo.JW_SiteMsg |
| dbo.JW_SpecOffs |
| dbo.JW_SpecOffsCate |
| dbo.JW_SpecOffsType |
| dbo.JW_SpecialCity |
| dbo.JW_SpecialCity_20140115 |
| dbo.JW_SpecialCity_a |
| dbo.JW_StatisticsClass |
| dbo.JW_TuiJian |
| dbo.JW_Unit360Flash |
| dbo.JW_Unit360Flash_1 |
| dbo.JW_UnitMinPrice |
| dbo.JW_UploadFile |
| dbo.JW_UserMsgSite |
| dbo.JW_UserQPlus |
| dbo.JW_WeiXinResv |
| dbo.JW_qykh |
| dbo.MSreplication_objects |
| dbo.MSreplication_subscriptions |
| dbo.MSsavedforeignkeycolumns |
| dbo.MSsavedforeignkeyextendedproperties |
| dbo.MSsavedforeignkeys |
| dbo.MSsnapshotdeliveryprogress |
| dbo.MSsubscription_agents |
| dbo.v_SpecOffs_Info |
| dbo.v_dnunit_htunitinfo |
| dbo.v_hotellist |
+-----------------------------------------+

修复方案:

.....................

版权声明:转载请注明来源 雅柏菲卡@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:15

确认时间:2014-03-06 10:23

厂商回复:

已确认,正在修复,谢谢

最新状态:

暂无


漏洞评价: