Enviar #765093: Jeecgboot 3.9.1 SQL Injectioninformación

TítuloJeecgboot 3.9.1 SQL Injection
DescripciónA logic flaw exists in the WAF's SQL injection detection mechanism, allowing attackers to bypass keyword filtering and execute arbitrary SQL queries. The vulnerability stems from a poorly constructed regular expression designed to detect SQL keywords and an asymmetric validation logic that fails to properly sanitize matched substrings.
Fuente⚠️ https://www.yuque.com/la12138/pa2fpb/ab1i8wyeeg1zzgq5?singleDoc
Usuario
 Saul1213 (UID 94577)
Sumisión2026-02-21 13:26 (hace 1 mes)
Moderación2026-03-06 21:58 (13 days later)
EstadoAceptado
Entrada de VulDB349569 [JeecgBoot hasta 3.9.1 getDictItems isExistSqlInjectKeyword inyección SQL]
Puntos18

AnteriorVisión De ConjuntoPróximo

Do you know our Splunk app?

Download it now for free!