Submeter #596573: xxyopen novel-plus 5.1.3 SQL Injectioninformação

Títuloxxyopen novel-plus 5.1.3 SQL Injection
DescriçãoA critical SQL injection vulnerability exists in the user management module. The `/list` endpoint, which retrieves a list of system users, unsafely uses string substitution (`${...}`) for the `sort` and `order` parameters within its MyBatis `ORDER BY` clause. This allows any authenticated user who can access this endpoint to execute arbitrary SQL commands. Because the query targets the `sys_user` table, this flaw can be exploited to exfiltrate highly sensitive information, including usernames, email addresses, and password hashes, compromising all user accounts on the system.
Fonte⚠️ https://blog.0xd00.com/blog/sqli-in-user-list-leads-to-sensitive-data-disclosure
Utilizador
 bpy9ft (UID 85221)
Submissão13/06/2025 11h38 (há 10 meses)
Moderação23/06/2025 16h32 (10 days later)
EstadoAceite
Entrada VulDB313654 [xxyopen/201206030 novel-plus até 5.1.3 User Management UserMapper.xml list sort/order Injeção SQL]
Pontos20

VoltarVisão GeralPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!