Bladex_sqli

https://bladex.cn/#/

Introduction:
BladeX is a well-designed microservices architecture that provides SpringCloud’s full suite of solutions.

Proof of Concept:
The key value passed to /api/blade-user/export-user is used in a SQL statement without sanitisation, so the endpoint is vulnerable to SQL injection.

Payload: updatexml(1,concat(0x3f,md5(123456),0x3f),1)=1

Sites built on the BladeX framework share this SQL injection in the user export interface. Because the database error raised by the injected statement is returned to the client, sensitive information in the database can be read out through that error message (error-based injection).

Although JWT-based permission controls apply to this endpoint, it still allows a large amount of sensitive information in the database to be leaked.
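The advisory above describes an error-based technique: the payload only works when the database's XPATH error is reflected back to the client, which also makes attempts easy to spot in access logs. The following is an added detection example, not code from the advisory or from the BladeX project. It assumes a Common Log Format access log and uses constructed sample lines; it decodes each query parameter (repeatedly, to unwrap double encoding) and flags values that contain an updatexml()/extractvalue() call, raising the severity when the request also produced an HTTP 500, since that status is the signature of the error path the technique depends on.

```python
"""Detect MySQL error-based SQL injection attempts (updatexml/extractvalue)
in HTTP access logs. Added example; the log format is assumed to be
Common Log Format, and the sample lines below are constructed."""
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Core error-based primitives: when one of these reaches the MySQL expression
# evaluator it raises an XPATH error that carries attacker-chosen text.
ERROR_BASED = re.compile(r"\b(updatexml|extractvalue)\s*\(", re.IGNORECASE)

# Common Log Format (assumption): ip ident user [time] "METHOD target PROTO" status size
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)


def decode_fully(value, max_rounds=3):
    """Percent-decode until the value stops changing, so a double-encoded
    payload (%2528 -> %28 -> '(') is not missed. max_rounds bounds the loop."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def analyze_target(target):
    """Return one finding per query parameter whose decoded value contains
    an error-based injection primitive. An empty list means nothing matched."""
    parts = urlsplit(target)
    findings = []
    for name, raw in parse_qsl(parts.query, keep_blank_values=True):
        value = decode_fully(raw)
        if ERROR_BASED.search(value):
            findings.append({"path": parts.path, "param": name, "value": value})
    return findings


def scan_log(lines):
    """Scan access-log lines and return alert dicts. An HTTP 500 on the same
    request raises severity to 'high': error-based injection only leaks data
    when the database error actually reaches the client."""
    alerts = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not in the assumed format; skip rather than crash
        for finding in analyze_target(m["target"]):
            finding.update(
                ip=m["ip"],
                time=m["time"],
                status=int(m["status"]),
                severity="high" if m["status"] == "500" else "medium",
            )
            alerts.append(finding)
    return alerts


# Constructed sample log: a benign export, the advisory's payload URL-encoded
# once (and answered with a 500), and the same payload double-encoded.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /api/blade-user/export-user?key=alice HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Jan/2024:10:00:01 +0000] "GET /api/blade-user/export-user?key=updatexml%281%2Cconcat%280x3f%2Cmd5%28123456%29%2C0x3f%29%2C1%29%3D1 HTTP/1.1" 500 845',
    '10.0.0.9 - - [01/Jan/2024:10:00:02 +0000] "GET /api/blade-user/export-user?key=updatexml%25281%252Cconcat%25280x3f%252Cmd5%2528123456%2529%252C0x3f%2529%252C1%2529%253D1 HTTP/1.1" 200 1203',
]

if __name__ == "__main__":
    for a in scan_log(SAMPLE_LOG):
        print(f'{a["time"]} {a["ip"]} {a["severity"]:6} {a["path"]} '
              f'param={a["param"]} value={a["value"]}')
```

This is a monitoring aid, not the fix: the root cause is the key value being concatenated into SQL, and the remediation is to bind it as a parameter (or, where it names a column, to check it against an allow-list of known column names) on the server side. Running the scan on the constructed lines reports the two injected requests and stays silent on the benign export.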