Vulnerability type: SQL injection

Vulnerability location: Interface of

Problem description:
- Direct replacement concatenation using in SQL query, leading to a SQL injection vulnerability.
- The variable is not properly sanitized before being used in the SQL query.

Code example:

Propagation path:
- Starts with the Excel file uploaded by the user in method .
- variable is populated from the Excel sheet and passed to the final sink.

Exploitation method (POC):
- A malicious payload is used in the Excel file to exploit the vulnerability.
- The POST request is manipulated to include this payload in the parameter.

Conclusion:
- The SQL injection vulnerability can be exploited via the unsanitized variable in the SQL query.
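
The flaw class this report describes, shown next to its fix, as an added example that is not code from the reported application. The table, column names and sheet rows are constructed assumptions, and Python's `sqlite3` stands in for the application's database layer.

```python
import sqlite3

# Constructed stand-in for cell values parsed from an uploaded spreadsheet
# (hypothetical layout: one account name per row).
SHEET_ROWS = [["alice"], ["O'Brien"], ["nobody' OR '1'='1"]]

def make_db():
    # Constructed sample table, not the reported application's schema.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE account (name TEXT, balance INTEGER)")
    db.executemany("INSERT INTO account VALUES (?, ?)",
                   [("alice", 10), ("bob", 20), ("O'Brien", 30)])
    return db

def lookup_concatenated(db, cell):
    # Vulnerable pattern: the cell text is spliced into the statement,
    # so quotes inside the cell are parsed as SQL syntax.
    sql = "SELECT name FROM account WHERE name = '" + cell + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_bound(db, cell):
    # Hardened pattern: the statement text is fixed and the cell is
    # passed as a bound parameter, so it is only ever compared as data.
    sql = "SELECT name FROM account WHERE name = ?"
    return [row[0] for row in db.execute(sql, (cell,))]

def compare(rows=SHEET_ROWS):
    """Return (cell, concatenated_result_or_None, bound_result) per row."""
    db = make_db()
    results = []
    for (cell,) in rows:
        try:
            weak = lookup_concatenated(db, cell)
        except sqlite3.OperationalError:
            weak = None  # the cell broke the statement's syntax
        results.append((cell, weak, lookup_bound(db, cell)))
    return results

if __name__ == "__main__":
    for cell, weak, safe in compare():
        print(repr(cell), "| concatenated:", weak, "| bound:", safe)
```

A legitimate name containing an apostrophe breaks the concatenated query, while the third cell changes its meaning and returns every row. The bound query treats both as plain values.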