MyT Project Management SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in MyT Project Management version 1.5.1. This vulnerability allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code into the Charge[group_total] parameter. Exploitation occurs through crafted POST requests sent to the /charge/admin endpoint. The vulnerability can be exploited using error-based, time-based blind, or stacked query payloads, potentially leading to the extraction of sensitive database information or manipulation of data.

Impact

Exploitation of this vulnerability allows for arbitrary SQL query execution, which could lead to unauthorized data access or modification within the application's database.

Reproduction

To reproduce this vulnerability, an authenticated user can send a POST request to the /charge/admin endpoint with a payload that includes a SQL injection in the Charge[group_total] parameter. This can be done using error-based, time-based blind, or stacked query techniques. The injection can be crafted to extract database information or manipulate data as desired.
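A defensive check for the request described above, as an added example that is not part of the original advisory or of the MyT code base: it inspects POST bodies sent to /charge/admin and flags any Charge[group_total] value that is not a plain decimal number. The numeric format, the blank-value rule, the `page` field and the sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

ENDPOINT = "/charge/admin"      # endpoint named in the advisory
PARAM = "Charge[group_total]"   # parameter named in the advisory
# Assumption: a legitimate group_total is a plain decimal amount.
NUMERIC = re.compile(r"-?\d{1,12}(\.\d{1,4})?")


def check_request(method, path, body):
    """Return a list of findings for one request; an empty list means clean."""
    if method.upper() != "POST":
        return []
    if path.split("?", 1)[0].rstrip("/") != ENDPOINT:
        return []
    # parse_qsl decodes %5B/%5D and '+', and keeps repeated keys and blanks,
    # so encoded and duplicated forms of the parameter are all seen.
    values = [v for k, v in parse_qsl(body, keep_blank_values=True) if k == PARAM]
    findings = []
    if len(values) > 1:
        findings.append("parameter repeated %d times" % len(values))
    for v in values:
        # Assumption: a blank value means "no filter" and is allowed.
        if v and not NUMERIC.fullmatch(v.strip()):
            findings.append("non-numeric value: %r" % v[:40])
    return findings


# Constructed sample requests (method, path, urlencoded body).
SAMPLES = [
    ("POST", "/charge/admin", "Charge%5Bgroup_total%5D=125.50&page=2"),
    ("POST", "/charge/admin", "Charge[group_total]=125.50%27"),
    ("POST", "/charge/admin/", "Charge%5Bgroup_total%5D=1&Charge%5Bgroup_total%5D=2%3B--"),
    ("GET", "/charge/admin", ""),
]

if __name__ == "__main__":
    for method, path, body in SAMPLES:
        result = check_request(method, path, body)
        print(method, path, "->", result or "clean")
```

A check like this is a stopgap for logging or a request filter; the fix itself is for the application to bind the value as a typed parameter instead of building it into the query string.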

Added: Apr 12, 2026, 1:18 PM
Updated: Apr 12, 2026, 1:18 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 3.1
exploitability: 4.6
remediation: 0.0
relevance: 5.7
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.