There is sql injection at the login

[zhaodie]

Build this project locally

There is a sql registration vulnerability in the login It is found that there is a splicing of sql statements at the verification login Vulnerability recurrence

Submit sql injection parameters

user=zzu'/**/and/**/extractvalue(1,concat(0x7e,(select/**/database()),0x7e))#&password=admin