Submission #258788: gopeak MasterLab ≤v3.3.10 Pre-Auth SQL Injection Information

Title: gopeak MasterLab ≤v3.3.10 Pre-Auth SQL Injection
Description: MasterLab, a project management tool, contains a pre-authentication SQL injection vulnerability in versions up to and including v3.3.10. The flaw is located in the sqlInject function in the app/ctrl/Framework.php file. It appears that the developers inadvertently left test code in place that incorporates user input directly into SQL queries and subsequently forgot to remove it. This oversight allows an attacker to send specially crafted HTTP requests that execute SQL commands through this function. Specifically, an attacker can modify the phone or pwd parameters of an HTTP POST request to insert SQL, thereby performing unauthorized queries or operations on the database. For instance, by sending an SQL command that includes sleep(5), an attacker can cause the database to delay its response by 5 seconds, confirming the presence of the SQL injection. Such vulnerabilities are particularly dangerous because they can be exploited without any user authentication, allowing attackers to read or modify sensitive data, or even take complete control of the affected database system. To address this issue, users should update to the latest version of MasterLab as soon as possible. Developers should thoroughly review the code to remove any similar direct SQL query insertion points and implement strict input validation and parameterized queries to prevent SQL injection.
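As an added illustration (not code from MasterLab or from VulDB), the following Python/sqlite3 model shows the defect class the description names, a login lookup that concatenates the phone and pwd parameters into the SQL text, beside the parameterized form that the recommendation calls for. The table schema, values and the helper names are constructed assumptions for the demo.

```python
import sqlite3


def make_db():
    """Constructed in-memory stand-in for a user table (hypothetical schema).

    The password is stored in plaintext only to keep the demo short; a real
    application stores and compares a password hash."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user (id INTEGER PRIMARY KEY, phone TEXT, pwd TEXT)")
    conn.execute("INSERT INTO user (phone, pwd) VALUES ('13800000000', 'secret')")
    conn.commit()
    return conn


def find_user_vulnerable(conn, phone, pwd):
    """Builds the query by string concatenation, the pattern the advisory
    describes: the phone/pwd values become part of the SQL statement itself,
    so a quote character in either parameter changes the query's logic."""
    sql = ("SELECT id FROM user WHERE phone = '" + phone
           + "' AND pwd = '" + pwd + "'")
    return conn.execute(sql).fetchone()


def find_user_hardened(conn, phone, pwd):
    """Parameterized query: the driver binds the values separately from the
    SQL text, so metacharacters in them are treated as literal data."""
    sql = "SELECT id FROM user WHERE phone = ? AND pwd = ?"
    return conn.execute(sql, (phone, pwd)).fetchone()


def is_well_formed_phone(phone):
    """Second layer, input validation: accept only an allowlisted shape
    (digits, plausible length) before the value ever reaches a query."""
    return phone.isdigit() and 6 <= len(phone) <= 20


if __name__ == "__main__":
    conn = make_db()
    tautology = "' OR '1'='1"  # constructed test input, no valid credential
    print(find_user_vulnerable(conn, tautology, tautology))  # row returned: (1,)
    print(find_user_hardened(conn, tautology, tautology))    # None
    print(is_well_formed_phone(tautology))                   # False
```

The same input returns a row from the concatenated query but nothing from the parameterized one, which is the behavioural difference a code review should look for at every query site, not only in sqlInject.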
Source: ⚠️ https://note.zhaoj.in/share/LEbo1ypfzfQh
User: glzjin (UID 59815)
Submitted: 2023-12-27 10:48 (2 years ago)
Moderation: 2023-12-28 09:33 (23 hours later)
Status: Accepted
VulDB Entry: 249148 [gopeak MasterLab up to 3.3.10 HTTP POST Request app/ctrl/Framework.php sqlInject pwd sql injection]
Points: 20
