CVE-2023-30183: wangmarket CMS v4.10 has a SQL injection · Issue #7 · xnx3/wangmarket
Wangmarket CMS v4.10 was discovered to contain a SQL injection vulnerability via the component /plugin/dataDictionary/tableView.do?tableName=.
Open
baimao-box opened this issue
Feb 10, 2023
· 2 comments
wangmarket CMS version: v4.10
com.xnx3.wangmarket.plugin.dataDictionary.controller.DataDictionaryPluginController.java
The query statement passes the user's input directly into the MySQL query without filtering, resulting in a SQL injection vulnerability.
SQL injection vulnerability: /plugin/dataDictionary/tableView.do?tableName=
sqlmap:
Thank you very much for your exception. The general management background, as the largest authority, is equivalent to the use of the largest manager. The risk level is relatively low. However, we still repaired it overnight and submitted the latest version.
In addition, the current GitHub warehouse is a little old. You can see the latest warehouse at https://gitee.com/mail_osc/wangmarket. The final review of the major version of v6.0 is currently under way. We will also sync to the latest version of GitHub tomorrow or the day after tomorrow.
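The class of bug reported in this issue, shown as an added example that is not wangmarket's code and not part of the original thread: a table name taken from a request parameter cannot be bound as a prepared-statement parameter, so it has to be checked against an allowlist before it is placed in the SQL text. The class name, method names, query text, and sample table names are all hypothetical.

```java
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.regex.Pattern;

public class TableNameGuard {
    // Conservative identifier shape; 64 is MySQL's maximum identifier length.
    private static final Pattern IDENT = Pattern.compile("[A-Za-z0-9_]{1,64}");

    private final Set<String> allowedTables;

    public TableNameGuard(Set<String> allowedTables) {
        this.allowedTables = Set.copyOf(allowedTables);
    }

    // Pattern that leads to injection: request input becomes part of the SQL text.
    static String unsafeSql(String tableName) {
        return "SELECT * FROM " + tableName + " LIMIT 20";
    }

    // Hardened form: empty unless the name is well-formed and on the allowlist.
    Optional<String> safeSql(String tableName) {
        if (tableName == null
                || !IDENT.matcher(tableName).matches()
                || !allowedTables.contains(tableName)) {
            return Optional.empty();
        }
        // Backtick-quote the identifier; the regex already excludes backticks.
        return Optional.of("SELECT * FROM `" + tableName + "` LIMIT 20");
    }

    public static void main(String[] args) {
        // Constructed sample data: table names and request values are hypothetical.
        TableNameGuard guard = new TableNameGuard(Set.of("news", "site_column"));
        List<String> requests = List.of("news", "user", "news WHERE 1=1 -- ");
        for (String value : requests) {
            String verdict = guard.safeSql(value).orElse("rejected (respond 400, log the attempt)");
            System.out.println("[" + value + "] -> " + verdict);
        }
        // The unsafe builder accepts the third value unchanged:
        System.out.println(unsafeSql(requests.get(2)));
    }
}
```

In a real controller the allowlist would be a fixed set of tables the feature is meant to expose, or the result of `DatabaseMetaData.getTables` loaded at startup, rather than the literal set used here.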