VULHUB ™

### 简要描述： 信游科技管理后台弱口令导致敏感信息泄漏 ### 详细说明： ``` test.52xinyou.cn/xykj/login.aspx ``` [<img src="https://images.seebug.org/upload/201411/2713061074949d82ca2cbc4ac479149ed322263b.jpg" alt="1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/2713061074949d82ca2cbc4ac479149ed322263b.jpg) 应该是测试系统 看下服务邮箱账号泄露 [<img src="https://images.seebug.org/upload/201411/2713071639188391e2b78beab21c8d841f08bf8f.jpg" alt="2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/2713071639188391e2b78beab21c8d841f08bf8f.jpg) 登陆 [<img src="https://images.seebug.org/upload/201411/271307561e1390f8945c100f305a1020fabdc15e.jpg" alt="5.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/271307561e1390f8945c100f305a1020fabdc15e.jpg) [<img src="https://images.seebug.org/upload/201411/27130821105ab6d6315de762044d94fcac7d5386.jpg" alt="4.jpg" width="600"...

### 简要描述： 信游科技管理后台弱口令导致敏感信息泄漏 ### 详细说明： ``` test.52xinyou.cn/xykj/login.aspx ``` [<img src="https://images.seebug.org/upload/201411/2713061074949d82ca2cbc4ac479149ed322263b.jpg" alt="1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/2713061074949d82ca2cbc4ac479149ed322263b.jpg) 应该是测试系统 看下服务邮箱账号泄露 [<img src="https://images.seebug.org/upload/201411/2713071639188391e2b78beab21c8d841f08bf8f.jpg" alt="2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/2713071639188391e2b78beab21c8d841f08bf8f.jpg) 登陆 [<img src="https://images.seebug.org/upload/201411/271307561e1390f8945c100f305a1020fabdc15e.jpg" alt="5.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/271307561e1390f8945c100f305a1020fabdc15e.jpg) [<img src="https://images.seebug.org/upload/201411/27130821105ab6d6315de762044d94fcac7d5386.jpg" alt="4.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/27130821105ab6d6315de762044d94fcac7d5386.jpg) ### 漏洞证明： 并且可以管理前台页面 [<img src="https://images.seebug.org/upload/201411/27130857294a7112e65472677bc0e58ef60543cf.jpg" alt="6.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/27130857294a7112e65472677bc0e58ef60543cf.jpg)