Varient SQL Injection Vulnerability

A SQL injection vulnerability has been identified in Varient version 1.6.1. This vulnerability allows unauthenticated attackers to manipulate database queries by injecting SQL code through the user_id parameter. Exploitation involves sending POST requests with crafted SQL payloads in the user_id field, which can bypass authentication and lead to the extraction of sensitive database information.

Impact

Exploitation of this vulnerability allows for SQL injection, where attackers can manipulate database queries. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.

Reproduction

To reproduce this vulnerability, send a POST request to the application's comment section. Include a crafted SQL payload in the user_id parameter. The SQL injection can be verified by injecting SQL syntax that, if executed, would demonstrate the vulnerability, such as bypassing authentication or extracting database information.