| Field | Value |
|---|---|
| Title | z-9527 admin ≤ commit 72aaf2d SQL Injection |
| Description | A SQL injection vulnerability exists in Z-9527 Admin ≤ commit 72aaf2d at the /user/login endpoint, where the username field in the request body is concatenated directly into a SQL statement without sanitization or parameterization. As a result, unauthenticated attackers can bypass the password check, obtain a valid authentication response (JWT), and immediately assume the targeted account's identity. This can lead to account takeover, data exposure, and potential full system compromise. Mitigations include using parameterized queries or prepared statements instead of string concatenation, enforcing strict server-side input validation and escaping, storing and verifying passwords with strong hashing algorithms (e.g., bcrypt or argon2), applying least privilege to database accounts, deploying WAF rules to detect common SQLi patterns, and conducting a comprehensive security audit of all database query construction across the codebase. |
| Source | https://github.com/CC-T-454455/Vulnerabilities/tree/master/z9527-admin/vulnerability-3 |
| User | Anonymous User |
| Submission | 2026-02-14 14:48 (2 months ago) |
| Moderation | 2026-02-25 15:04 (11 days later) |
| Status | Duplicate |
| VulDB Entry | 347772 [z-9527 admin 1.0/2.0 user.js checkName/register/login/getUser/getUsers SQL injection] |
| Points | 0 |