Youdiancms sql injection vulnerability
Youdiancms sql injection vulnerability
First download youdiancms 8.0 to build a local test environment
http://www.youdiancms.com/
Successfully set up a local test environment
This vulnerability needs to be logged in first. The page can be registered.
http://localhost/youdiancms/index.php/public/reg/l/cn
http://localhost/youdiancms/index.php/public/login/l/cn
Log in here
The vulnerability location is at index.php/member/customer/index search bar
No filtering of searched keywords, resulting in a sql injection vulnerability
Use sqlmap to make judgments
Look at the code
The vulnerability code location is in the index method of App/Lib/Action/Member/CustomerAction.class.php
The keywords parameter is directly brought into the filter without filtering.