Possible SQL Injection Exploit #1

@mattmess1221

Description


You're using string concatenation instead of using a structured query / prepared statement.

https://github.com/fmohican/SQL-WhiteList/blob/master/src/main/java/ga/fmohican/sql/SQLWL.java#L59

```java
ResultSet rs = stmt.executeQuery("select `"+SQLConfig.susers+"` from `"+SQLConfig.stabname+"` where ( `"+SQLConfig.susers+"`='" + newname + "' AND `"+SQLConfig.swhitelist+"` = 1 );");
```

Odds are that someone isn't going to use a `');drop table users;--` as a name, but it's a good habit to wrap any user input in a prepared statement.

See here.
https://stackoverflow.com/a/1812920/2351110
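As an added illustration (not code from the SQL-WhiteList project or from the issue author), here is the same lookup written with a JDBC `PreparedStatement`. The player name is bound as a `?` parameter, so quotes or comment markers in it are sent as data rather than spliced into the SQL text. One caveat worth showing: JDBC cannot bind table or column names as parameters, so the `SQLConfig` identifiers still end up in the query string and are therefore validated against a strict allowlist pattern before use. The class name `WhitelistLookup`, the `requireIdentifier` helper and the backtick quoting (MySQL style, matching the snippet above) are assumptions; any JDBC `Connection` will do.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.regex.Pattern;

// Added example, not the project's own code. Assumes a JDBC Connection supplied
// by the caller and identifiers read from configuration (as SQLConfig does).
public final class WhitelistLookup {

    // Identifiers cannot be bound with '?', so configuration values are checked
    // against an allowlist pattern before being placed in the statement text.
    private static final Pattern SAFE_IDENTIFIER =
            Pattern.compile("[A-Za-z_][A-Za-z0-9_]{0,63}");

    private final String usersColumn;
    private final String tableName;
    private final String whitelistColumn;

    public WhitelistLookup(String usersColumn, String tableName, String whitelistColumn) {
        this.usersColumn = requireIdentifier(usersColumn);
        this.tableName = requireIdentifier(tableName);
        this.whitelistColumn = requireIdentifier(whitelistColumn);
    }

    // Rejects anything that is not a plain identifier (hypothetical helper).
    static String requireIdentifier(String name) {
        if (name == null || !SAFE_IDENTIFIER.matcher(name).matches()) {
            throw new IllegalArgumentException("unsafe SQL identifier: " + name);
        }
        return name;
    }

    // The statement text contains no user input; the name is a bound parameter.
    String queryText() {
        return "SELECT `" + usersColumn + "` FROM `" + tableName
             + "` WHERE `" + usersColumn + "` = ? AND `" + whitelistColumn + "` = 1";
    }

    // Returns true if a whitelisted row exists for the given player name.
    public boolean isWhitelisted(Connection conn, String newname) throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement(queryText())) {
            ps.setString(1, newname); // driver transmits this as a value, never as SQL
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next();
            }
        }
    }

    // Offline demonstration of the identifier check (no database needed).
    public static void main(String[] args) {
        WhitelistLookup ok = new WhitelistLookup("username", "whitelist", "allowed");
        System.out.println(ok.queryText());
        try {
            new WhitelistLookup("username`; DROP TABLE x; --", "whitelist", "allowed");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected config value: " + e.getMessage());
        }
    }
}
```

The query string is built once from validated identifiers, and the only per-request input goes through `setString`. If the configuration values are trusted and fixed, the allowlist check costs nothing; if they are ever editable by users, it is what keeps the identifier path from becoming a second injection point.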
