Vulnerability Key Information Vulnerability Type: SQL Injection Affected Version: RackShift v1.7.1 Vulnerability Description: SQL injection vulnerability exists in the method of multiple controllers. Attackers can execute arbitrary SQL commands via the parameter. Affected Methods: - - - Code Details: - The method in accepts user-provided POST request body parameters and passes them to for processing. - The class contains the parameter. - In , parameters are passed to for processing. - In , when the parameter is not empty, it is directly concatenated into the SQL query without any validation or sanitization. Payload Examples: - Error-based Injection: - - Time-based Injection: - PoC: Use sqlmap to test the vulnerability via HTTP POST request. Remediation Recommendation: Implement whitelist validation for the parameter in Java code to prevent direct concatenation of user input into SQL queries.