| Field | Value |
|---|---|
| Title | Novel-PlusV3.6.2 SQL Injection |
| Description | novel-plus is a multi-terminal (PC, WAP) reading, full-featured original literature CMS system. In the list method of the MenuController file, the parameter sort is not processed, resulting in SQL injection. The vulnerability is in the application background. The vulnerability was found in the backend, and during the white-box audit it was discovered that the backend password was weak by default; the cause was the inability to pre-compile the ORDER BY field using MyBatis, and no filtering was done. |
| Source | https://github.com/OYyunshen/Poc/blob/main/Novel-PlusV3.6.2Sqli.pdf |
| User | OYyunshen (UID 43586) |
| Submission | 03/23/2023 08:37 (3 years ago) |
| Moderation | 03/23/2023 09:55 (1 hour later) |
| Status | Accepted |
| VulDB entry | 223662 [novel-plus 3.6.2 sys/menu/list MenuService sort sql injection] |
| Points | 20 |