Online Shopping System Advanced SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in the Online Shopping System Advanced version 1.0, specifically within the payment_success.php script. This vulnerability allows attackers to inject malicious SQL through the unfiltered 'cm' parameter. Exploitation of this issue enables the retrieval of sensitive database information by manipulating the user ID parameter.

Impact

Exploitation of this vulnerability allows for unauthorized access to the database, where attackers can inject and execute malicious SQL commands. This could lead to the disclosure of sensitive information, such as user credentials, which could be used to gain unauthorized access to the application or its database.

Reproduction

The vulnerability can be reproduced by sending a request to the payment_success.php script with a crafted 'cm' parameter that includes malicious SQL. This can be done using a tool like sqlmap, which can automate the injection of SQL payloads and exploit the vulnerability.
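The fix for an unfiltered parameter such as 'cm' is to validate it as an integer and bind it through a prepared statement. The following is an added example, not code from Online Shopping System Advanced: the page does not show the source of payment_success.php, so the table and column names (user_info, user_id, email), the function names, and the use of PDO with an in-memory SQLite database are assumptions made so the example runs offline.

```php
<?php
declare(strict_types=1);
// Added example: hypothetical lookup logic, not the application's actual code.
// Table/column names (user_info, user_id, email) are assumptions.

// Constructed in-memory database with two constructed rows.
function make_demo_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE user_info (user_id INTEGER PRIMARY KEY, email TEXT)');
    $db->exec("INSERT INTO user_info VALUES (1, 'alice@example.test'), (2, 'bob@example.test')");
    return $db;
}

// Vulnerable pattern: the request value becomes part of the SQL text itself.
function lookup_user_vulnerable(PDO $db, string $cm): array {
    $sql = "SELECT user_id, email FROM user_info WHERE user_id = $cm";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: allow-list validation, then a bound, typed parameter.
function lookup_user_hardened(PDO $db, string $cm): array {
    $id = filter_var($cm, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('cm must be a positive integer');
    }
    $stmt = $db->prepare('SELECT user_id, email FROM user_info WHERE user_id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = make_demo_db();
// Constructed inputs: a normal ID and a textbook tautology.
foreach (['1', '1 OR 1=1'] as $cm) {
    $vulnerable = count(lookup_user_vulnerable($db, $cm));
    try {
        $hardened = count(lookup_user_hardened($db, $cm)) . ' row(s)';
    } catch (InvalidArgumentException $e) {
        $hardened = 'rejected: ' . $e->getMessage();
    }
    printf("cm=%-10s vulnerable: %d row(s) | hardened: %s\n", $cm, $vulnerable, $hardened);
}
```

The same two steps apply with mysqli: validate 'cm' as an integer, then use `prepare()` and `bind_param()` instead of building the query string from the request value.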

Added: Dec 12, 2025, 9:33 PM
Updated: Dec 12, 2025, 9:33 PM

Vulnerability Rating

Custom Algorithm
spread: 1.0
impact: 2.5
exploitability: 9.7
remediation: 0.0
relevance: 1.3
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.