MCMS存在SQL注入【前台】 · Issue #I4QZ1I · 铭飞/MCMS - Gitee

Open Source > Web System > Content Management System &&

/ 详情

Done

Opened this issue

2022-01-16 01:23

漏洞原理

/mdiy/dict/list 路由下代码如下，有个SQL语句查询
输入图片说明
跟进一下，发现直接将orderBy的属性值拼接进SQL语句，没有任何的过滤，存在SQL注入

输入图片说明

证明

输入图片说明

created任务

changed description

changed issue state from 待办的 to 进行中

set milestone to 5.2.6

Expand operation logs

感谢对开源产品的关注与支持，本月会全部同步更新

changed issue state from 进行中 to 已完成

Sign in to comment

Status

Assignees

Milestones

Pull Requests

Successfully merging a pull request will close this issue.

Branches

Planed to start - Planed to end

-

Top level

Priority

参与者（2）

Java

1

https://gitee.com/mingSoft/MCMS.git

git@gitee.com:mingSoft/MCMS.git

mingSoft

MCMS

MCMS