System background authentication can be bypassed

newbee-ltd / newbee-mall

🔥 🎉newbee-mall是一套电商系统，包括基础版本(Spring Boot+Thymeleaf)、前后端分离版本(Spring Boot+Vue 3+Element-Plus+Vue-Router 4+Pinia+Vant 4) 、秒杀版本、Go语言版本、微服务版本(Spring Cloud Alibaba+Nacos+Sentinel+Seata+Spring Cloud Gateway+OpenFeign+ELK)。前台商城系统包含首页门户、商品分类、新品上线、首页轮播、商品推荐、商品搜索、商品展示、购物车、订单结算、订单流程、个人订单管理、会员中心、帮助中心等模块。后台管理系统包含数据面板、轮播图管理、商品管理、订单管理、会员管理、分类管理、设置等模块。

https://item.jd.com/12890115.html

GNU General Public License v3.0

11.11k stars 2.71k forks source link

System background authentication can be bypassed #34

Closed Jayway007 closed 4 years ago

Jayway007 commented 4 years ago

1、The authentication logic of the system's background /admin is in code AdminLoginInterceptor： 2、This can easily be bypassed, like request //admin: 1)We delete the requested cookie field and then request /admin,returns 302： 2）But if we request //admin，We can perform administrator actions without logging in， For example, upload a babat file： It can execute any server command，such as calc：