SQL vulnerability in tduck-platform
Opened this issue · 0 comments
myh2022 commented
- The code vulnerable to SQL injection is located as follows(com.tduck.cloud.form.service.data.FormDataMysqlService), This code directly concatenates SQL statements, leading to the SQL injection vulnerability
-
Then, within the downloadFormResultFile method of the downloadFormResultFile class(com.tduck.cloud.api.web.controller.downloadFormResultFile), this method is invoked.
-
According to the route information, access the URL address, and use error-based injection to retrieve the database name, thereby verifying the existence of the vulnerability.