Description
SQL injection vulnerability in linlinjava litemall v.1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, name parameters of the AdminGoodscontroller.java component.
1. Steps to reproduce
Open the goods management page, click query, and capture the request:
`GET /admin/goods/list?page=1&limit=20&sort=add_time&order=desc HTTP/1.1
Host: localhost:8083
X-Litemall-Admin-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJsb2dpblR5cGUiOiJsb2dpbiIsImxvZ2luSWQiOiIxNjc0MjI4Nzc2NzU1NjYyODQ4Iiwicm5TdHIiOiJ2MnhZQjlKTVVYTzVvU1prUHVIdVRmUG5Kc250dFdYcSJ9.vcCJsv50XMYtg5dkjdvvfEqRBv5M6mntbBfHYz24zLQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
X-Litemall-TenantId: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ0aGlzIGlzIGxpdGUtbWFsbC1wbHVzIHRva2VuIiwiYXVkIjoiTUlOSS1BUFAiLCJ0ZW5hbnRJZCI6IjAiLCJpc3MiOiJMaXRlLW1hbGwtcGx1cyIsImV4cCI6MTcxOTIyMDUzNCwiaWF0IjoxNzE5MTM0MTM0fQ.uMpPiijOq53ImOdyjEreoxmamrA0xqznDs1XZbvvum8
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Connection: close
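As an added example that is not part of this report or of the litemall code base, the following helper parses captured request lines like the one above and flags values of the three parameters the report names (goodsId, goodsSn, name) that carry SQL metacharacters or keywords, so a defender can triage access logs for probes against this endpoint. The sample request lines are constructed, and the assumption that goodsId must be purely numeric is the example's own.

```python
import re
from urllib.parse import urlsplit, parse_qsl

TARGET_PATH = "/admin/goods/list"          # endpoint from the report
WATCHED_PARAMS = ("goodsId", "goodsSn", "name")  # parameters named in the report

# Indicators typical of injected SQL fragments: quotes, comment sequences,
# statement separators, boolean tautologies, UNION and time-based probes.
SUSPICIOUS = re.compile(
    r"""['"`;]|--|/\*|\*/|#|\b(?:or|and)\b\s+[\w'"]+\s*=|\bunion\b|\bsleep\s*\(""",
    re.IGNORECASE,
)

def parse_request_line(line: str):
    """Return (method, path, params) for a line like 'GET /x?a=1 HTTP/1.1'."""
    method, target, _version = line.strip().split(" ", 2)
    parts = urlsplit(target)
    # parse_qsl percent-decodes values, so encoded quotes become visible.
    return method, parts.path, dict(parse_qsl(parts.query, keep_blank_values=True))

def check_request(line: str):
    """Return a list of (param, value, reason) findings for one request line."""
    method, path, params = parse_request_line(line)
    findings = []
    if path != TARGET_PATH:
        return findings
    for name in WATCHED_PARAMS:
        value = params.get(name)
        if value is None:
            continue
        # Assumption of this example: goodsId is a numeric database id.
        if name == "goodsId" and not value.isdigit():
            findings.append((name, value, "non-numeric goodsId"))
        elif SUSPICIOUS.search(value):
            findings.append((name, value, "SQL metacharacters or keywords"))
    return findings

# Constructed samples: the benign request from the report plus two
# hypothetical probes against the parameters the report names.
SAMPLE_REQUESTS = [
    "GET /admin/goods/list?page=1&limit=20&sort=add_time&order=desc HTTP/1.1",
    "GET /admin/goods/list?page=1&limit=20&goodsId=1%27%20or%201%3D1 HTTP/1.1",
    "GET /admin/goods/list?goodsSn=ABC123&name=Tea%27%20union%20select%201-- HTTP/1.1",
]

def scan(lines=SAMPLE_REQUESTS):
    """Map each request line to its findings (empty list means nothing flagged)."""
    return {line: check_request(line) for line in lines}

if __name__ == "__main__":
    for line, found in scan().items():
        print(line, "->", found or "clean")
```

Legitimate product names can contain an apostrophe, so treat a hit on `name` as a triage signal rather than proof of an attack.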