Kurniaramadhan E-Commerce-PHP SQL Injection Vulnerability

A critical SQL injection vulnerability has been identified in Kurniaramadhan E-Commerce-PHP version 1.0, specifically within the file 'blog-details.php'. The vulnerability arises from the 'blog_id' parameter, allowing remote attackers to manipulate the argument and execute malicious SQL queries. This exploitation can lead to unauthorized access to sensitive data, including admin panel credentials, and potentially allow for the injection of malicious JavaScript into the application.

Impact

Exploitation of this vulnerability allows for SQL injection, which can be used to access and manipulate the application's database. This includes the potential to extract sensitive information such as admin credentials, which can then be used to access the admin panel and perform further actions, such as injecting malicious scripts that could be executed in the context of the user.

Reproduction

The vulnerability can be reproduced by sending a request to 'blog-details.php' with a crafted 'blog_id' parameter that includes SQL injection payloads. This can be done using a web browser or a tool like Burp Suite. Once the SQL injection is successful, the admin credentials can be extracted by exploiting the vulnerability further, such as by using 'union select' payloads to retrieve and decrypt the admin password.