Renren-Security SQL Injection Vulnerability in BaseServiceImpl Component
Vulnerability
A SQL injection vulnerability has been identified in the Renren-Security application, affecting versions prior to 5.5.0. The issue arises in the BaseServiceImpl.java component, where improper handling of the 'orderField' parameter allows attackers to manipulate SQL queries and potentially access or modify database information.
Impact
Exploitation of this vulnerability allows for SQL injection, where an attacker can interfere with the application's database queries. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.
Reproduction
To reproduce this vulnerability, send a GET request to the '/renren-admin/sys/scheduleLog/page' endpoint. Include the 'orderField' parameter with a crafted SQL payload that exploits the application's SQL query handling. The payload should be designed to, for example, cause a time-based delay response, indicating successful injection.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.