| Title | SQL injection exists in the current version of Mini-Tmall |
|---|
| Description | https://gitee.com/project_team/Tmall_demo The Mini-Tmall open source project is a mini Tmall marketplace based on Spring Boot that can be deployed and run quickly and is suitable as a graduation project template. Technologies used: Spring Boot/MySQL/Druid/Log4j2/Maven/Echarts/Bootstrap. A vulnerability classified as critical was found in the Mini-Tmall open source project: manipulation of the parameter orderby in the front-end /produce path results in SQL injection. Please check the link for details. |
|---|
| Source | https://github.com/FFR66/Mini-Tmall_SQL/blob/main/README.md |
|---|
| User | fkalis (UID 52531) |
|---|
| Submission | 2023-08-11 10:56 AM (3 years ago) |
|---|
| Moderation | 2023-08-20 09:06 AM (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 237566 [Mini-Tmall up to 20230811 1?test=1&test2=2& orderBy SQL injection] |
|---|
| Points | 20 |
|---|