Kepler Wallpaper Script SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability has been identified in Kepler Wallpaper Script version 1.1. The application passes the `category` parameter into a SQL query without sanitization, so an unauthenticated attacker can execute arbitrary SQL by injecting into that parameter. Exploitation involves sending GET requests to the category endpoint with URL-encoded SQL UNION statements, which can be used to extract sensitive database information such as usernames, database names, and MySQL version details.
Impact
Exploitation of this vulnerability allows for arbitrary SQL query execution, which could lead to unauthorized data access or manipulation.
Reproduction
To reproduce this vulnerability, send a GET request to the category endpoint with a crafted SQL injection payload in the category parameter. The payload should be URL-encoded and can include SQL UNION statements to extract database information.
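Because the advisory only describes the attack pattern (URL-encoded UNION statements in the `category` parameter of GET requests), a defender's first concern is spotting such requests in web server logs. The following is an added example, not code from the advisory or from Kepler Wallpaper Script: it parses constructed access-log lines, fully URL-decodes the `category` value (undoing double encoding), and flags UNION...SELECT payloads or non-numeric values. The endpoint path `/category.php` and the assumption that a legitimate category id is a positive integer are assumptions, not facts from the advisory.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (combined log format); not taken from the advisory.
# The path /category.php is an assumed name for the "category endpoint".
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /category.php?category=3 HTTP/1.1" 200 5120
203.0.113.9 - - [10/Oct/2023:13:55:41 +0000] "GET /category.php?category=3%27%20UNION%20SELECT%201%2Cuser%28%29%2Cdatabase%28%29%2Cversion%28%29--%20- HTTP/1.1" 200 6011
203.0.113.9 - - [10/Oct/2023:13:55:50 +0000] "GET /category.php?category=-1%2520union%2520all%2520select%25201%252C2%252C3 HTTP/1.1" 200 6011
198.51.100.2 - - [10/Oct/2023:13:56:02 +0000] "GET /index.php HTTP/1.1" 200 2048
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# UNION [ALL] SELECT in any case, tolerating whitespace, '+' and inline /* */ comments as separators
UNION_RE = re.compile(
    r"union(?:\s|/\*.*?\*/|\+)+(?:all(?:\s|/\*.*?\*/|\+)+)?select",
    re.IGNORECASE | re.DOTALL,
)

def decode_param(value, rounds=3):
    """Repeatedly URL-decode a value so double- or triple-encoded payloads are not missed."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify_category(raw):
    """Verdict for one category value: 'ok', 'non-numeric' or 'union-select'."""
    decoded = decode_param(raw)
    if UNION_RE.search(decoded):
        return "union-select"
    if not decoded.isdigit():  # assumption: a legitimate category id is a positive integer
        return "non-numeric"
    return "ok"

def scan_log(text):
    """Return (client_ip, decoded_category, verdict) for every request that is not 'ok'."""
    findings = []
    for line in text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        qs = parse_qs(urlsplit(m.group("target")).query, keep_blank_values=True)
        for raw in qs.get("category", []):  # parse_qs already decodes one layer
            verdict = classify_category(raw)
            if verdict != "ok":
                findings.append((line.split()[0], decode_param(raw), verdict))
    return findings

if __name__ == "__main__":
    for ip, value, verdict in scan_log(SAMPLE_LOG):
        print(f"{verdict:<13} {ip:<14} category={value!r}")
```

The same integer allowlist used by `classify_category` is the mitigation the application itself should apply before the value reaches SQL, in addition to using a prepared statement.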