Bylancer Zechat SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in Zechat version 1.5. This vulnerability allows unauthenticated attackers to extract database information by injecting SQL code through the 'uname' parameter. Exploitation involves sending crafted requests to 'profile.php' with UNION-based SQL injection payloads, enabling the retrieval of table names, column names, and sensitive data from the 'information_schema' database.

Impact

Successful exploitation lets attackers manipulate database queries to extract, modify, or delete database information. In this case, the vulnerability could be exploited to access sensitive data from the database.

Reproduction

To reproduce this vulnerability, send a request to 'profile.php' with a crafted 'uname' parameter that includes a UNION-based SQL injection payload. The payload can be designed to extract information from the 'information_schema' database, such as table names and column names.
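Requests of the kind described above leave a recognizable trace in web server access logs. The following detection sketch is an added example, not code from the advisory or from the vendor. It assumes the 'uname' parameter arrives in the query string and that logs use the combined log format; the log lines are constructed sample data.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format assumed); not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [29/May/2026:16:40:01 +0000] "GET /profile.php?uname=alice HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.9 - - [29/May/2026:16:41:12 +0000] "GET /profile.php?uname=a%27%20UNION%20SELECT%20table_name%20FROM%20information_schema.tables HTTP/1.1" 200 7314 "-" "curl/8.0"
198.51.100.9 - - [29/May/2026:16:41:20 +0000] "GET /profile.php?uname=b%27+uNiOn+SeLeCt+column_name+FrOm+INFORMATION_SCHEMA.columns HTTP/1.1" 200 7400 "-" "curl/8.0"
203.0.113.5 - - [29/May/2026:16:42:00 +0000] "GET /index.php?q=union+select+committee HTTP/1.1" 200 900 "-" "Mozilla/5.0"
198.51.100.7 - - [29/May/2026:16:43:30 +0000] "GET /profile.php?uname=union_member HTTP/1.1" 200 5011 "-" "Mozilla/5.0"
"""

# Client address and request target from one combined-log-format line.
REQUEST_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Signals taken from the advisory text: UNION-based payloads and information_schema.
SIGNALS = {
    "union-select": re.compile(r"\bunion\b.{0,40}?\bselect\b", re.I | re.S),
    "information_schema": re.compile(r"information_schema", re.I),
}

def suspicious_requests(log_text):
    """Return (client, decoded uname, matched signals) for flagged profile.php hits."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith("/profile.php"):
            continue  # only the endpoint named in the advisory
        # parse_qs URL-decodes %xx and '+', so encoded payloads are normalized first.
        for value in parse_qs(url.query, keep_blank_values=True).get("uname", []):
            reasons = sorted(n for n, rx in SIGNALS.items() if rx.search(value))
            if reasons:
                hits.append((client, value, reasons))
    return hits

if __name__ == "__main__":
    for client, value, reasons in suspicious_requests(SAMPLE_LOG):
        print(client, reasons, repr(value))
```

Parameters sent in a POST body do not appear in access logs, so the same check would need to run where request bodies are visible, such as a WAF or application-level logging.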

Added: May 29, 2026, 4:53 PM
Updated: May 29, 2026, 4:53 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 6.0
remediation: 0.0
relevance: 9.6
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.