tduck-platform icon indicating copy to clipboard operation
tduck-platform copied to clipboard

Published 20 hours ago verified publisher icon TDuckCloud

SQL vulnerability in tduck-platform

Open myh2022 opened this issue 1 year ago • 0 comments
trafficstars

  1. The code vulnerable to SQL injection is located as follows(com.tduck.cloud.form.service.data.FormDataMysqlService), This code directly concatenates SQL statements, leading to the SQL injection vulnerability

1

  1. Then, within the downloadFormResultFile method of the downloadFormResultFile class(com.tduck.cloud.api.web.controller.downloadFormResultFile), this method is invoked. image

  2. According to the route information, access the URL address, and use error-based injection to retrieve the database name, thereby verifying the existence of the vulnerability. image

myh2022 avatar Dec 05 '23 14:12 myh2022