### 简要描述:
信游科技管理后台弱口令导致敏感信息泄漏
### 详细说明:
```
test.52xinyou.cn/xykj/login.aspx
```
[<img src="https://images.seebug.org/upload/201411/2713061074949d82ca2cbc4ac479149ed322263b.jpg" alt="1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/2713061074949d82ca2cbc4ac479149ed322263b.jpg)
应该是测试系统
看下服务邮箱账号泄露
[<img src="https://images.seebug.org/upload/201411/2713071639188391e2b78beab21c8d841f08bf8f.jpg" alt="2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/2713071639188391e2b78beab21c8d841f08bf8f.jpg)
登陆
[<img src="https://images.seebug.org/upload/201411/271307561e1390f8945c100f305a1020fabdc15e.jpg" alt="5.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/271307561e1390f8945c100f305a1020fabdc15e.jpg)
[<img src="https://images.seebug.org/upload/201411/27130821105ab6d6315de762044d94fcac7d5386.jpg" alt="4.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/27130821105ab6d6315de762044d94fcac7d5386.jpg)
### 漏洞证明:
并且可以管理前台页面
[<img src="https://images.seebug.org/upload/201411/27130857294a7112e65472677bc0e58ef60543cf.jpg" alt="6.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201411/27130857294a7112e65472677bc0e58ef60543cf.jpg)
京公网安备 11010502034610号
暂无评论