VULHUB ™

### 简要描述： ShopEx某wiki系统弱密码导致大量敏感信息和源码泄漏 ### 详细说明： http://workspace.ec-ae.com/wiki/index.php 帐号：lixiaoli 密码：19731125 然后通过wiki 找出3个svn帐号 wangyan:326459 wangyan 51086858 Bella_wy 123456 get 了大量源码 http://scm.ec-ae.com/platform/branches/current http://scm.ec-ae.com/ecaepartner/branches/current http://app.ec-os.net/svn/hudsonecae/trunk/health_check http://scm.ec-ae.com/www/trunk ### 漏洞证明： [<img src="https://images.seebug.org/upload/201409/06110941f9f53c20fa94df238f410b8887edf7e0.jpg" alt="1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/06110941f9f53c20fa94df238f410b8887edf7e0.jpg) [<img src="https://images.seebug.org/upload/201409/06110949e78a31f0fa0676cb04baf1505a90bb73.jpg" alt="2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/06110949e78a31f0fa0676cb04baf1505a90bb73.jpg)

### 简要描述： ShopEx某wiki系统弱密码导致大量敏感信息和源码泄漏 ### 详细说明： http://workspace.ec-ae.com/wiki/index.php 帐号：lixiaoli 密码：19731125 然后通过wiki 找出3个svn帐号 wangyan:326459 wangyan 51086858 Bella_wy 123456 get 了大量源码 http://scm.ec-ae.com/platform/branches/current http://scm.ec-ae.com/ecaepartner/branches/current http://app.ec-os.net/svn/hudsonecae/trunk/health_check http://scm.ec-ae.com/www/trunk ### 漏洞证明： [<img src="https://images.seebug.org/upload/201409/06110941f9f53c20fa94df238f410b8887edf7e0.jpg" alt="1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/06110941f9f53c20fa94df238f410b8887edf7e0.jpg) [<img src="https://images.seebug.org/upload/201409/06110949e78a31f0fa0676cb04baf1505a90bb73.jpg" alt="2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201409/06110949e78a31f0fa0676cb04baf1505a90bb73.jpg)