Twitter-Clone SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in Twitter-Clone version 1.0. This vulnerability allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'name' parameter. Exploitation can be done by sending crafted payloads to the 'search.php' endpoint, potentially leading to the extraction of sensitive database information such as usernames, credentials, and system data. The vulnerability arises from improper neutralization of special elements used in SQL commands, enabling both error-based and union-based SQL injection techniques.
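
The root cause described above, shown as a concatenated lookup beside a parameterized one. This is an added example, not Twitter-Clone's own code: the `users` table, its columns and rows, the function names and the in-memory SQLite database are assumptions chosen so the script runs stand-alone.

```php
<?php
declare(strict_types=1);
// Added example, not Twitter-Clone's code. Schema, rows and function names are constructed.

$pdo = new PDO('sqlite::memory:'); // stand-in for the application's database
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT)');
$pdo->exec("INSERT INTO users (username, password_hash)
            VALUES ('alice', 'constructed-hash-1'), ('bob_1', 'constructed-hash-2')");

// Weak pattern: the request value becomes part of the SQL text, so a quote
// in $name ends the string literal and the rest is parsed as SQL.
function searchConcatenated(PDO $pdo, string $name): array
{
    $sql = "SELECT id, username FROM users WHERE username LIKE '%" . $name . "%'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: fixed SQL text, value bound as a parameter, input length
// bounded, and LIKE wildcards escaped so they match literally.
function searchPrepared(PDO $pdo, string $name): array
{
    if ($name === '' || strlen($name) > 64) {
        return [];
    }
    $pattern = '%' . strtr($name, ['!' => '!!', '%' => '!%', '_' => '!_']) . '%';
    $stmt = $pdo->prepare("SELECT id, username FROM users WHERE username LIKE :p ESCAPE '!'");
    $stmt->execute([':p' => $pattern]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$name = "o'brien"; // constructed input; search.php would read it from $_GET['name']
try {
    searchConcatenated($pdo, $name);
} catch (PDOException $e) {
    // A raw database error reaching the client is the error-based symptom.
    echo 'concatenated: quote broke the statement (', $e->getMessage(), ")\n";
}
echo 'prepared, quote: ', json_encode(searchPrepared($pdo, $name)), "\n";
echo 'prepared, underscore: ', json_encode(searchPrepared($pdo, '_')), "\n";
```

In production the database error should be logged server-side and never echoed to the response, and the database account used by the search page should have read access only to the columns it needs.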

Impact

Exploitation of this vulnerability allows for arbitrary SQL query execution, which could be used to manipulate the database or extract sensitive information such as user credentials and system data.

Added: May 26, 2026, 7:38 PM
Updated: May 26, 2026, 7:38 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 9.4
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.