OOP CMS Blog SQL Injection Vulnerability

A SQL injection vulnerability has been identified in OOP CMS Blog version 1.0. This vulnerability allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through several parameters. Exploitation can be done via the search parameter in search.php, the pageid parameter in page.php, and the id parameter in posts.php. This injection can be used to extract sensitive database information, including table names, schema names, and database credentials.

Impact

Exploitation of this vulnerability allows for arbitrary SQL execution, which could lead to unauthorized data access or manipulation.

Reproduction

The vulnerability can be reproduced by sending a crafted HTTP GET request to search.php with a payload that includes SQL injection syntax in the search parameter. Alternatively, the same can be done using the page.php file by injecting SQL through the pageid parameter, or by using posts.php with the id parameter. The injected SQL can be crafted to extract database information such as table names and schema details.