| 제목 | markparticle WebServer 1.0 SQL Injection |
|---|
| 설명 | A sql injection found in `code/http/httprequest.cpp:192-195` of WebServer≤ 1.0, it use `snprintf` to format the user inputs `username` and `password` with sql statement `select` without any check. Furthur more, here is another unsafe design making this vulnerablity **more dangerous**. From line 203 to 219, there is a `while` loop to **fetch all the data `select` statement queried**, if we use comment like `#` or `—` ,the sql statement will get **more than 1 row**, thus, nomatter whose password is hit, its account will login succefully. |
|---|
| 원천 | ⚠️ https://magnificent-dill-351.notion.site/SQL-Injection-of-Login-in-WebServer-1-0-1d1c693918ed800b847bcc28bd691b7c |
|---|
| 사용자 | s0l42 (UID 82389) |
|---|
| 제출 | 2025. 04. 11. AM 05:08 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 04. 21. PM 03:25 (10 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 305775 [markparticle WebServer 까지 1.0 Login httprequest.cpp username/password SQL 주입] |
|---|
| 포인트들 | 17 |
|---|