| tiêu đề | https://gitee.com/y_project/RuoYi RuoYi v4.8.1 SQL Injection |
|---|
| Mô tả | A critical authenticated SQL injection vulnerability exists in RuoYi v4.8.1's code generation module. The vulnerability allows authenticated attackers to execute arbitrary SQL commands through dynamic query construction in the /tool/gen/createTable endpoint.
This is an authenticated SQL injection vulnerability. After logging in, access the path /tool/gen/createTable and send a malicious POST request packet with the parameter 'sql' containing the payload: 'sql=CREATE+TABLE+abc_test+AS+SELECT(IF(1%3D1%2CBENCHMARK(30000000%2CMD5(1))%2C0))+AS+RESULT%3B'. You will observe a response delay of several seconds, and a new table named 'abc_test' will be created in the database, confirming the SQL injection vulnerability. I have specifically developed an exploitation script that can retrieve user accounts and passwords from the database through time-based blind SQL injection:https://github.com/poker00t/RuoYi_SQLinject_exp |
|---|
| Nguồn | ⚠️ https://github.com/poker00t/RuoYi_SQLinject_exp |
|---|
| Người dùng | pokeroot (UID 87846) |
|---|
| Đệ trình | 13/07/2025 09:04 (cách đây 12 các tháng) |
|---|
| Kiểm duyệt | 18/07/2025 14:13 (5 days later) |
|---|
| Trạng thái | Bản sao |
|---|
| Mục VulDB | 220082 [y_project RuoYi đến 4.7.5 /tool/gen/createTable Tiêm SQL] |
|---|
| điểm | 0 |
|---|