Yonyou KSOA SQL Injection Vulnerability in PrintZPYG.jsp

A SQL injection vulnerability has been identified in Yonyou KSOA version 9.0, specifically within the file '/kp/PrintZPYG.jsp'. The vulnerability arises from the application's failure to properly sanitize the 'zpjhid' parameter, allowing attackers to inject malicious SQL code. This injection can be exploited remotely without authentication, potentially leading to unauthorized database access, data manipulation, and disruption of services.

Impact

Exploitation of this vulnerability allows for SQL injection, where attackers can manipulate database queries. This could result in unauthorized access to database information, alteration of data, and in some cases, execution of administrative operations on the database.

Reproduction

The vulnerability can be reproduced by sending a request to '/kp/PrintZPYG.jsp' with the 'zpjhid' parameter. The injection can be tested using SQL injection payloads, such as those that exploit stacked queries or UNION-based injections. This can be done manually or with automated tools like sqlmap.

Remediation

It is recommended to use prepared statements and parameter binding to prevent SQL injection. Input validation and filtering should be implemented to ensure user input conforms to expected formats. Additionally, database user permissions should be minimized to the necessary levels.