إرسال #398803: master-nan sweet-cms None SQL Injectionالمعلومات

عنوانmaster-nan sweet-cms None SQL Injection
الوصفIn line 63 of the repository/impl/sys_table_impl.go file, the SQL statement is built directly with fmt.Sprintf from user-supplied values (the indexName, tableName, and fields parameters). If an attacker is able to control any of these values, they can inject SQL into the statement to manipulate database queries or perform other malicious operations. The request struct shown below binds IndexName straight from the JSON body with only a `required` tag, and the call chain passes req.IndexName through unchanged to the repository, so the attacker-controlled condition is met for at least that parameter; note that these values are identifiers in a DDL statement, which cannot be protected by ordinary bind parameters, so they would need strict identifier validation before use. code flow: from route /table/index ``` 代码 initialize/router.go 片段(行 74 到 74 ): adminGroup.POST("/table/index", app.TableController.CreateTableIndex) 代码 controller/sys_table_controller.go 片段(行 339 到 339 ): func (t *TableController) CreateTableIndex(ctx *gin.Context) { 代码 controller/sys_table_controller.go 片段(行 344 到 344 ): err := utils.ValidatorBody[request.TableIndexCreateReq](ctx, &data, translator) 代码 controller/sys_table_controller.go 片段(行 349 到 349 ): err = t.sysTableService.CreateTableIndex(ctx, data) 代码 service/sys_table_service.go 片段(行 555 到 555 ): func (s *SysTableService) CreateTableIndex(ctx *gin.Context, req request.TableIndexCreateReq) error { 代码 service/sys_table_service.go 片段(行 556 到 556 ): err := s.sysTableRepo.ExecuteTx(ctx, func(tx *gorm.DB) error { 代码 service/sys_table_service.go 片段(行 592 到 592 ): if e := s.sysTableRepo.CreateTableIndex(tx, req.IsUnique, req.IndexName, table.TableCode, fields); e != nil { 代码 repository/impl/sys_table_impl.go 片段(行 56 到 56 ): func (s *SysTableRepositoryImpl) CreateTableIndex(tx *gorm.DB, isUnique bool, indexName string, tableCode string, fields string) error { 代码 repository/impl/sys_table_impl.go 片段(行 62 到 62 ): createIndexSql := fmt.Sprintf("CREATE %s INDEX %s ON %s (%s)", unique, indexName, tableName, fields) 代码 repository/impl/sys_table_impl.go 片段(行 62 到 62 ): createIndexSql := fmt.Sprintf("CREATE %s INDEX %s ON %s (%s)", unique, indexName, tableName, fields) 代码 repository/impl/sys_table_impl.go 片段(行 63 到 63 ): return tx.Exec(createIndexSql).Error ``` ``` type TableIndexCreateReq struct { TableId int `json:"table_id" binding:"required"` 
IndexName string `json:"index_name" binding:"required"` IsUnique bool `json:"is_unique" binding:"required"` IndexFields []TableIndexFieldReq `json:"index_fields" binding:"required,min=1"` } ```
المصدر⚠️ https://github.com/master-nan/sweet-cms/issues/1
المستخدم
 zihe (UID 56943)
ارسال27/08/2024 07:01 PM (2 سنوات منذ)
الاعتدال30/08/2024 07:28 AM (3 days later)
الحالةتمت الموافقة
إدخال VulDB276208 [master-nan Sweet-CMS حتى 5f441e022b8876f07cde709c77b5be6d2f262e3f /table/index حقن SQL]
النقاط20
