A SQL injection vulnerability exists in a website of Zhiyin manke (involving the information and passwords of millions of users)
Database: comic
Table: mk_user
[53 columns]
+ ------------------ + -------------- +
| Column | Type |
+ ------------------ + -------------- +
| Addresses | varchar (200) |
| Addtime | datetime |
| Answer | varchar (50) |
| Author | int (2) |
| Birthday | date |
| Checkcode | varchar (4) |
| City | varchar (30) |
| Classid | int (11) |
| Currentweeklevel | int (11) |
| Description | text |
| Email | varchar (30) |
| Experience | int (11) |
| Face | varchar (30) |
| Id | int (11) |
| Intro | varchar (200) |
| Jinbi | int (11) |
| Lastweeklevel | int (11) |
| Logintime | datetime |
| Mobile | varchar (15) |
| Money | int (11) |
| Monthticket | int (11) |
| Nettype | varchar (30) |
| Nick | varchar (50) |
| Password | varchar (35) |
| Paymethod | varchar (15) |
| Phone | varchar (15) |
| Postnum | varchar (6) |
| Province | varchar (10) |
| Qq | varchar (15) |
| Qqverify | int (1) |
| Question | varchar (50) |
| Realname | varchar (10) |
| Regip | varchar (15) |
| Salt | varchar (10) |
| Sex | int (1) |
| Shutup | date |
| Status | int (1) |
| Tongban | int (11) |
| Treaty | smallint (1) |
| Tuijianid | int (11) |
| Type | varchar (20) |
| Username | varchar (50) |
| Verifycode | varchar (16) |
| Vip | datetime |
| Viptype | int (1) |
| Vmarshal | int (11) |
| Vipvalupdate | date |
| Weibo | varchar (200) |
| Weixin | varchar (200) |
| Workshop | varchar (30) |
| Workshopinfo | text |
| Yinpiao | int (2) |
| Yuanbao | int (11) |
+ ------------------ + -------------- +
http://xiao.zymk.cn/index.php/reply/index/page/1?aboutid=145625&type=100
Database: comic [230 tables]
Information on 4.4 million users:
Sensitive information, including usernames and passwords: