Qihang WMS SQL Injection Vulnerability in SysDeptMapper.xml
Vulnerability
A SQL injection vulnerability has been identified in Qihang WMS version 4.0. The issue arises in the SysDeptMapper.xml file, where the datascope parameter is improperly handled, allowing attackers to manipulate SQL queries. This vulnerability could be exploited to access sensitive database information, including Personally Identifiable Information (PII) of users.
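The advisory does not reproduce the affected mapper statement. Assuming the flaw is MyBatis `${...}` text substitution of the datascope value (an assumption; `${...}` splices text into the SQL while `#{...}` binds a prepared-statement parameter), the following added example, which is not code from Qihang WMS, audits a constructed mapper and reports which statements splice values into SQL. The mapper content, statement ids and function names are illustrative.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample mapper for illustration; NOT the real SysDeptMapper.xml.
SAMPLE_MAPPER = """<mapper namespace="example.SysDeptMapper">
  <select id="selectDeptList" resultType="map">
    select d.dept_id, d.dept_name from sys_dept d
    where d.del_flag = '0'
    <if test="deptName != null">
      and d.dept_name like concat('%', #{deptName}, '%')
    </if>
    ${params.dataScope}
    order by d.order_num
  </select>
  <select id="selectDeptById" resultType="map">
    select d.dept_id from sys_dept d where d.dept_id = #{deptId}
  </select>
</mapper>"""

RAW = re.compile(r"\$\{\s*([^}\s]+)\s*\}")   # ${x}: text spliced into the SQL
BOUND = re.compile(r"#\{\s*([^},\s]+)")      # #{x}: bound as a parameter
STATEMENTS = {"select", "insert", "update", "delete", "sql"}

def audit_mapper(mapper_xml):
    """Map each statement id to the raw and bound expressions it uses."""
    report = {}
    for stmt in ET.fromstring(mapper_xml):
        if stmt.tag not in STATEMENTS:
            continue
        # itertext() also walks nested <if>/<where>/<foreach> bodies and tails.
        sql = " ".join(stmt.itertext())
        report[stmt.get("id")] = {
            "raw": RAW.findall(sql),
            "bound": BOUND.findall(sql),
        }
    return report

def flagged(report):
    """Statement ids that need review because they use ${...}."""
    return sorted(sid for sid, r in report.items() if r["raw"])

if __name__ == "__main__":
    result = audit_mapper(SAMPLE_MAPPER)
    for sid in flagged(result):
        print(f"review {sid}: raw substitution of {result[sid]['raw']}")
```

Every flagged expression should be traced back to confirm that its value is built only on the server and can never be populated from request parameters.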
Impact
Exploitation of this vulnerability could lead to unauthorized database access, potentially allowing attackers to gain database privileges, including DBA rights. This could facilitate access to data from other databases and enable the theft of confidential user information, such as account details, personal private information, and transaction records.
Reproduction
The vulnerability can be reproduced by sending a crafted request to the application that manipulates the datascope parameter to inject malicious SQL code. The injection can be verified, for example, by appending SQL injection payloads that, when executed, reveal database information or bypass authentication.
