Homey BNB SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in Homey BNB version 4, an Airbnb clone script. The hosting_id parameter of the rooms/ajax_refresh_subtotal endpoint is incorporated into a database query without being properly sanitized or parameterized, so an unauthenticated attacker can alter the query simply by sending a GET request with a crafted hosting_id value. Successful exploitation can expose sensitive database contents or drive the database into a denial-of-service condition.
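The following is an added illustration of the bug class described above, not code from Homey BNB (its schema, table names and query shape are unknown; the ones used here are assumed). It places a hypothetical vulnerable lookup, which splices the GET parameter straight into the SQL text, beside a hardened one that validates the parameter's type and binds it, and runs constructed tautology and UNION payloads through both so the difference in returned rows is visible.

```python
"""Vulnerable-vs-hardened handling of a hosting_id query parameter.

Added example; the schema and query are assumptions, not Homey BNB's code.
Uses SQLite so it runs offline. The injection mechanics are the same for
any SQL backend when untrusted text is formatted into the query string.
"""
import re
import sqlite3
from typing import List, Tuple

# Digits only, ASCII only, bounded length: what a hosting id should look like.
HOSTING_ID_RE = re.compile(r"[0-9]{1,10}", re.ASCII)

# Constructed payloads of the kind the advisory describes (not taken from it).
TAUTOLOGY_PAYLOAD = "2 OR 1=1"
UNION_PAYLOAD = "0 UNION SELECT id, email, password_hash FROM users"


def make_db() -> sqlite3.Connection:
    """In-memory database with constructed sample rows (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE hostings (id INTEGER PRIMARY KEY, title TEXT, nightly_rate REAL);
        INSERT INTO hostings VALUES (1, 'Loft downtown', 120.0);
        INSERT INTO hostings VALUES (2, 'Beach cabin', 95.0);
        INSERT INTO hostings VALUES (3, 'Mountain chalet', 210.0);
        CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, password_hash TEXT);
        INSERT INTO users VALUES (1, 'host@example.test', '$2y$10$constructedhash');
        """
    )
    return conn


def lookup_hosting_vulnerable(conn: sqlite3.Connection, hosting_id: str) -> List[Tuple]:
    """Hypothetical vulnerable handler: the raw GET value becomes part of the SQL."""
    sql = f"SELECT id, title, nightly_rate FROM hostings WHERE id = {hosting_id}"
    return conn.execute(sql).fetchall()


def lookup_hosting_hardened(conn: sqlite3.Connection, hosting_id: str) -> List[Tuple]:
    """Hardened handler: reject anything that is not an id, then bind the value."""
    if not HOSTING_ID_RE.fullmatch(hosting_id):
        raise ValueError("hosting_id must be an unsigned integer")
    sql = "SELECT id, title, nightly_rate FROM hostings WHERE id = ?"
    # The driver sends the value separately from the statement, so SQL syntax
    # inside it can never change the query's structure.
    return conn.execute(sql, (int(hosting_id),)).fetchall()


def demo() -> dict:
    """Run benign and injected inputs through both handlers and collect the results."""
    conn = make_db()
    result = {
        "benign_vulnerable": lookup_hosting_vulnerable(conn, "2"),
        # Tautology turns "WHERE id = 2" into "WHERE id = 2 OR 1=1": every row comes back.
        "tautology_vulnerable": lookup_hosting_vulnerable(conn, TAUTOLOGY_PAYLOAD),
        # UNION with a matching column count reads rows from an unrelated table.
        "union_vulnerable": lookup_hosting_vulnerable(conn, UNION_PAYLOAD),
        "benign_hardened": lookup_hosting_hardened(conn, "2"),
    }
    for name, payload in (("tautology", TAUTOLOGY_PAYLOAD), ("union", UNION_PAYLOAD)):
        try:
            lookup_hosting_hardened(conn, payload)
            result[f"{name}_hardened"] = "executed"
        except ValueError:
            result[f"{name}_hardened"] = "rejected"
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Binding alone is sufficient to stop the injection; the type check in front of it is cheap defence in depth and also gives the endpoint a clean 4xx-style failure for garbage input instead of a database error that leaks query details.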

Impact

An attacker who exploits this flaw controls part of the SQL the application executes. Depending on the database and the privileges of the application's database account, that allows reading data the endpoint was never meant to return, modifying stored data, or issuing queries expensive enough to disrupt normal operation and cause a denial of service. Because no authentication is required, the attack surface is every client that can reach the endpoint.

Reproduction

To reproduce this vulnerability, send a GET request to the rooms/ajax_refresh_subtotal endpoint with a hosting_id value that contains SQL syntax rather than a plain identifier, and compare the response with the one returned for a well-formed hosting_id. A changed row set, a database error, or a delayed reply indicates that the value reaches the query unparameterized and can be used to extract data or to degrade the database into a denial-of-service condition.
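For defenders, the same request shape is the thing to hunt for in web server logs. The following triage script is an added example, not part of the advisory or the Homey BNB project: it parses constructed combined-format access log lines, picks out requests to the rooms/ajax_refresh_subtotal endpoint, percent-decodes hosting_id, and flags any value that is not a bare integer, then summarizes the flagged requests per source address. The log lines, addresses and timestamps are made up for the demonstration.

```python
"""Flag suspicious hosting_id values sent to rooms/ajax_refresh_subtotal in access logs.

Added example with constructed log lines; not part of the advisory or the project.
"""
import re
from collections import Counter
from typing import Dict, List, Optional
from urllib.parse import parse_qs, unquote, urlsplit

# Apache/nginx combined log format, enough fields for triage.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>\S+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)$'
)
ENDPOINT = "rooms/ajax_refresh_subtotal"
HOSTING_ID_RE = re.compile(r"[0-9]{1,10}", re.ASCII)

# Constructed sample log (assumed format); the IPs are documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [27/Feb/2026:18:21:03 +0000] "GET /rooms/ajax_refresh_subtotal?hosting_id=42&checkin=2026-03-01 HTTP/1.1" 200 512
203.0.113.7 - - [27/Feb/2026:18:21:09 +0000] "GET /rooms/ajax_refresh_subtotal?hosting_id=42%20OR%201%3D1 HTTP/1.1" 200 2310
198.51.100.23 - - [27/Feb/2026:18:22:41 +0000] "GET /rooms/ajax_refresh_subtotal?hosting_id=0%20UNION%20SELECT%201%2C2%2C3 HTTP/1.1" 500 0
198.51.100.23 - - [27/Feb/2026:18:23:05 +0000] "GET /rooms/ajax_refresh_subtotal?hosting_id=42%20AND%20SLEEP(5) HTTP/1.1" 200 512
192.0.2.9 - - [27/Feb/2026:18:24:00 +0000] "GET /rooms/search?q=beach HTTP/1.1" 200 9001
"""


def flag_line(line: str) -> Optional[Dict[str, str]]:
    """Return a finding for a request to the endpoint with a non-integer hosting_id, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m["target"])
    if not parts.path.endswith(ENDPOINT):
        return None
    query = parse_qs(parts.query, keep_blank_values=True)
    for raw in query.get("hosting_id", []):
        # parse_qs decodes once; decode again so double-encoded payloads are seen in clear.
        value = unquote(raw)
        if not HOSTING_ID_RE.fullmatch(value):
            return {
                "ip": m["ip"],
                "ts": m["ts"],
                "hosting_id": value,
                "status": m["status"],
                "size": m["size"],
            }
    return None


def triage(log_text: str) -> List[Dict[str, str]]:
    """Scan a whole log and return every finding in file order."""
    return [f for f in (flag_line(line) for line in log_text.splitlines()) if f]


def by_source(findings: List[Dict[str, str]]) -> Dict[str, int]:
    """Count flagged requests per client address, the first pivot in an investigation."""
    return dict(Counter(f["ip"] for f in findings))


if __name__ == "__main__":
    hits = triage(SAMPLE_LOG)
    for hit in hits:
        print(f'{hit["ts"]} {hit["ip"]} status={hit["status"]} hosting_id={hit["hosting_id"]!r}')
    print("per source:", by_source(hits))
```

The integer-only rule is deliberately stricter than a signature list of SQL keywords: it catches encoded, obfuscated and novel payloads alike, at the cost of also flagging broken clients, which is why the per-source count is worth reviewing before raising an alert. A large response size or a 500 on the same request, as in the second and third sample lines, is the corroborating evidence that the injected value changed the query.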

Added: Feb 27, 2026, 6:21 PM
Updated: Feb 27, 2026, 6:21 PM

Vulnerability Rating

Custom Algorithm
spread          0.0
impact          5.0
exploitability  8.7
remediation     0.0
relevance       3.3
threat          6.4
urgency         2.9
incentive       4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.