docs

Overview

The "Docs" web service is designed to facilitate various functions, including:

The system is composed of the following components:

Vulnerability

As the source code shows, the API service performs no input filtering or validation, which leaves it open to SQL injection. Row-level security, however, blocks direct access to data in the contents table: we can only view our own content or content from documents that have been shared with us. To exploit this, we first use the SQL injection to share specific documents with ourselves and then retrieve their content via the API.

For a detailed walkthrough, refer to the exploit provided.
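The following is an added illustration, not code from the service or its exploit: a minimal SQLite model of why a read-side visibility rule does not protect content when a write path is built from request text, shown next to the parameterized form. The `shares` table, all column names, the function names and the sample rows are assumptions; only the contents table is named above, and `read_visible` stands in for the row-level security policy.

```python
import sqlite3

# Constructed schema and rows. Only "contents" is named on the page; the
# "shares" table and every column name are assumptions for this sketch.
SCHEMA = """
CREATE TABLE contents (doc_id INTEGER PRIMARY KEY, owner TEXT, body TEXT);
CREATE TABLE shares (doc_id INTEGER, grantee TEXT);
INSERT INTO contents VALUES (1, 'alice', 'alice-secret'), (2, 'mallory', 'hello');
"""

def new_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def read_visible(conn, user):
    """Stand-in for the row-level security rule: own rows or rows shared with user."""
    rows = conn.execute(
        "SELECT body FROM contents c WHERE c.owner = ? OR EXISTS "
        "(SELECT 1 FROM shares s WHERE s.doc_id = c.doc_id AND s.grantee = ?)",
        (user, user)).fetchall()
    return sorted(r[0] for r in rows)

def share_unsafe(conn, owner, doc_id, grantee):
    """Vulnerable: request fields are pasted into the statement text."""
    conn.execute(
        f"INSERT INTO shares SELECT doc_id, '{grantee}' FROM contents "
        f"WHERE doc_id = {doc_id} AND owner = '{owner}'")

def share_safe(conn, owner, doc_id, grantee):
    """Hardened: doc_id must parse as an integer, all values are bound parameters."""
    conn.execute(
        "INSERT INTO shares SELECT doc_id, ? FROM contents "
        "WHERE doc_id = ? AND owner = ?", (grantee, int(doc_id), owner))

def demo():
    """Run one constructed malformed request through both handlers."""
    seen = {}
    for name, share in (("unsafe", share_unsafe), ("safe", share_safe)):
        conn = new_db()
        try:
            # Constructed input: the trailing comment marker drops the owner check.
            share(conn, "mallory", "1 --", "mallory")
        except ValueError:
            pass  # rejected before any SQL is executed
        seen[name] = read_visible(conn, "mallory")
    return seen

if __name__ == "__main__":
    print(demo())
```

The read filter behaves correctly in both runs; the difference is whether the table it trusts can be written through unvalidated input, so the fix belongs on the write path as well as on the policy.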