| タイトル | gopeak MasterLab ≤v3.3.10 Pre-Auth SQL Injection |
|---|
| 説明 | The vulnerability is identified within the sqlInjectDelete function in the app/ctrl/framework/Feature.php file of the MasterLab project. This pre-authentication SQL injection vulnerability affects versions up to and including 3.3.10. The function in question improperly concatenates the phone parameter directly into an SQL query. It appears to be a piece of legacy test code that was inadvertently left in the production code.
An attacker can exploit this vulnerability by using tools like Postman to send a crafted POST request that includes a malicious SQL statement. For instance, by inserting the sleep(5) command, the attacker can cause the database operation to delay for 5 seconds, thereby confirming the presence of an SQL injection vulnerability. This flaw allows attackers to manipulate the database without any form of authentication, which could lead to serious security implications such as data breaches, data manipulation, or even full database compromise.
It is recommended that users upgrade to a version where this vulnerability has been fixed or apply necessary patches to mitigate the risk. |
|---|
| ソース | ⚠️ https://note.zhaoj.in/share/jRqEcVBTsZh4 |
|---|
| ユーザー | glzjin (UID 59815) |
|---|
| 送信 | 2023年12月27日 10:43 (2 年 ago) |
|---|
| モデレーション | 2023年12月28日 09:34 (23 hours later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 249149 [gopeak MasterLab 迄 3.3.10 HTTP POST Request Feature.php sqlInjectDelete phone SQLインジェクション] |
|---|
| ポイント | 20 |
|---|