RuoYi up to v4.6 was discovered to contain a SQL injection vulnerability via the component /system/dept/edit
Find the corresponding function points according to the source code information

Use the save function in this function and find the packet that triggers the /system/dept/edit route

Capture packets using burpsuite, save the packets, and then use poc injection to get the database information

Later you can save the packet and inject it into sqlmap to get more database information (close parentheses)