Open WDLegend opened 3 months ago
Thank you very much for your suggestion.
Best Regards, WGCLOUD
From: @. Sent: 2024-06-14 18:34 To: tianshiyeben/wgcloud Cc: Subscribed Subject: [tianshiyeben/wgcloud] There is a SQL Injection Vulnerability in wgcloud v2.3.7 open source edition (Issue #91)
[vulnerable type] SQL Injection
[version] v2.3.7
[details] Configure a database (I use wgcloud's default database 'wgcloud'), then configure a table as below.
Just wait for a moment and see the log:
We can see the database name is wgcloud.
In RDSConnection.java, the system uses a blacklist as a filter, but it's hard to filter all SQL injection words.
[repair suggestions] Delete this feature or use a white list.
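As an added illustration of the white-list approach suggested in this report (example code, not wgcloud's own), the helper below accepts a user-configured database or table name only if it matches a strict identifier pattern and then appears in the catalog reported by the JDBC driver, so the configured string is never interpolated into SQL. The class name `IdentifierAllowlist` and its methods are assumptions, and it assumes the configured database maps to a JDBC catalog (MySQL's default behaviour).

```java
import java.sql.Connection;
import java.sql.DatabaseMetaData;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.HashSet;
import java.util.Set;
import java.util.regex.Pattern;

// Hypothetical allowlist validation for user-configured database/table names (not
// wgcloud's code), as an alternative to a keyword blacklist that can never be complete.
public final class IdentifierAllowlist {
    // Plain identifiers only: letters, digits, underscore; must not start with a digit.
    // Quotes, spaces, comment markers and other punctuation are rejected outright.
    private static final Pattern SAFE_IDENTIFIER =
            Pattern.compile("^[A-Za-z_][A-Za-z0-9_]{0,63}$");

    /** Syntactic check: true only if the name cannot change the structure of a query. */
    public static boolean isSafeIdentifier(String name) {
        return name != null && SAFE_IDENTIFIER.matcher(name).matches();
    }

    /**
     * Semantic check: the table must exist in the catalog reported by the JDBC driver.
     * Returns the catalog's own spelling so the caller never interpolates user input.
     */
    public static String resolveTable(Connection conn, String database, String table)
            throws SQLException {
        if (!isSafeIdentifier(database) || !isSafeIdentifier(table)) {
            throw new IllegalArgumentException("identifier rejected by allowlist");
        }
        DatabaseMetaData meta = conn.getMetaData();
        Set<String> known = new HashSet<>();
        // "%" lists every table in the catalog; we compare exactly afterwards, because an
        // underscore in the user's value would otherwise act as a LIKE wildcard.
        try (ResultSet rs = meta.getTables(database, null, "%", new String[] {"TABLE"})) {
            while (rs.next()) {
                known.add(rs.getString("TABLE_NAME"));
            }
        }
        for (String candidate : known) {
            if (candidate.equalsIgnoreCase(table)) {
                return candidate;
            }
        }
        throw new IllegalArgumentException("table not found in catalog: " + table);
    }
}
```

A caller would build its query only from the value `resolveTable` returns, wrapped in the driver's identifier quote character, and treat any exception as a configuration error to log and reject.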