Soumettre #480836: JoeyBling bootplus 1.0 SQL Injection
| Titre | JoeyBling bootplus 1.0 SQL Injection |
|---|---|
| Description | The queryListByPage method in src/main/java/io/github/service/impl/SysRoleServiceImpl.java did not filter the passed sort value, resulting in SQL injection |
| La source | ⚠️ https:/ |
| Utilisateur | LVZC3 (UID 79687) |
| Soumission | 14/01/2025 12:26 (il y a 1 Année) |
| Modérer | 24/01/2025 10:46 (10 days later) |
| Statut | Accepté |
| Entrée VulDB | 293227 [JoeyBling bootplus /admin/sys/role/list sort injection SQL] |
| Points | 15 |