4K Star 13.2K Fork 6.1K

GVP铭飞 / MCMS

 / 详情

MCMS存在SQL注入【前台】

Done
Opened this issue  
2022-01-16 01:23

漏洞原理

/mdiy/dict/list 路由下代码如下,有个SQL语句查询
输入图片说明
跟进一下,发现直接将orderBy的属性值拼接进SQL语句,没有任何的过滤,存在SQL注入

输入图片说明

证明

输入图片说明

Comments (1)

lz2y&r2 created任务
lz2y&r2 changed description
铭飞 changed issue state from 待办的 to 进行中
铭飞 set milestone to 5.2.6
Expand operation logs

感谢对开源产品的关注与支持,本月会全部同步更新

铭飞 changed issue state from 进行中 to 已完成

Sign in to comment

Status
Assignees
Milestones
Pull Requests
Successfully merging a pull request will close this issue.
Branches
Planed to start   -   Planed to end
-
Top level
Priority
参与者(2)
542665 mingsoft 1578927126
Java
1
https://gitee.com/mingSoft/MCMS.git
git@gitee.com:mingSoft/MCMS.git
mingSoft
MCMS
MCMS

Search