Homey BNB SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in Homey BNB version 4, an Airbnb clone script. It allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'catid' parameter: a GET request to the 'admin/cms_getpagetitle.php' endpoint with a malicious 'catid' value can extract sensitive database information. The vulnerability arises from insufficient input validation, which lets injected SQL execute and can lead to unauthorized data access.

Impact

Exploiting this vulnerability lets attackers execute arbitrary SQL commands. This could lead to unauthorized data access, data manipulation, or, in some cases, command execution on the server if the database has such capabilities.

Reproduction

To reproduce this vulnerability, send a GET request to the 'admin/cms_getpagetitle.php' endpoint with a crafted 'catid' parameter that includes SQL injection payloads. The injection can be verified by extracting database information or manipulating database queries through the injected SQL code.

Added: Feb 27, 2026, 6:20 PM
Updated: Feb 27, 2026, 6:20 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 3.3
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.