[Disclosed Vulnerability] ChinaHR (中华英才网) SQL Injection Vulnerability

Source: WooYun   Views: 766   Date: 2014-06-19
ChinaHR (中华英才网) SQL injection vulnerability
Vendor: 中华英才网 (ChinaHR)
Author: luwikes
Submitted: 2014-05-04 23:37
Published: 2014-06-18 23:38
Vulnerability type: SQL injection
Severity: Medium
Self-rated Rank: 1
Status: vendor could not be reached, or vendor actively ignored the report
Source: http://www.wooyun.org
Tags: ASP + SQL Server injection (asp+sqlserver注射)
Vulnerability details
Disclosure status:

2014-05-04: Actively contacting the vendor and waiting for the vendor to claim the report; details not disclosed to the public
2014-06-18: The vendor has actively ignored the vulnerability; details are disclosed to the public

Brief description:

Pretty trivial.

Detailed description:

URL:http://pages.chinahr.com/2012/bj/spacechina_0327/jobs.asp?chiMemID=200504010002350134&strMemID=200504010002350005

[Screenshot: current.png]

[Screenshot: dbs.png]

Proof of vulnerability:

[Screenshot: countForCompany.png]



Database: bo

[200 tables]


There are several more injection points nearby; quite distinctive.
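As an added defensive illustration (not code from the original report or from ChinaHR), the classic-ASP pattern behind an "asp+sqlserver" injection of this kind is shown beside a parameterized rewrite that also validates the two query-string IDs; the table and column names, the connection string in Application("ConnString"), and the 20-digit length limit are assumptions.

```asp
<%
' Added example, not the original page's code. Table/column names (Jobs, MemID,
' ChiMemID) and Application("ConnString") are assumed for illustration.
Option Explicit
Const adCmdText = 1, adParamInput = 1, adVarChar = 200

Dim strMemID, chiMemID
strMemID = Request.QueryString("strMemID")
chiMemID = Request.QueryString("chiMemID")

' VULNERABLE PATTERN (shown for contrast, never executed here): the query-string
' values are spliced into the SQL text, so a quote character in either parameter
' changes the statement rather than the data. This is the defect the report describes.
Function BuildUnsafeSql()
    BuildUnsafeSql = "SELECT JobTitle FROM Jobs WHERE MemID = '" & strMemID & _
                     "' AND ChiMemID = '" & chiMemID & "'"
End Function

' HARDENED: (1) accept only a pure digit string of plausible length, since the
' legitimate IDs in the report URL are 18-digit numbers; (2) bind the values as
' ADO parameters so they can never alter the statement structure.
Function IsMemID(v)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[0-9]{1,20}$"   ' assumed upper bound on ID length
    IsMemID = re.Test(v)
End Function

If Not (IsMemID(strMemID) And IsMemID(chiMemID)) Then
    Response.Status = "400 Bad Request"
    Response.End
End If

Dim cmd, rs
Set cmd = Server.CreateObject("ADODB.Command")
cmd.ActiveConnection = Application("ConnString")   ' assumed connection string
cmd.CommandType = adCmdText
cmd.CommandText = "SELECT JobTitle FROM Jobs WHERE MemID = ? AND ChiMemID = ?"
cmd.Parameters.Append cmd.CreateParameter("@strMemID", adVarChar, adParamInput, 20, strMemID)
cmd.Parameters.Append cmd.CreateParameter("@chiMemID", adVarChar, adParamInput, 20, chiMemID)
Set rs = cmd.Execute

Do Until rs.EOF
    Response.Write Server.HTMLEncode(rs("JobTitle")) & "<br>"   ' encode on output too
    rs.MoveNext
Loop
rs.Close
%>
```

The same bind-parameter approach applies to the neighbouring injection points the author mentions; the input check alone is a defence in depth, not a substitute for parameterization.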

Remediation:

~

Copyright notice: please credit the source when reposting: luwikes@乌云 (WooYun)

Vulnerability response

Vendor response:

Unable to contact the vendor, or the vendor actively declined.