Serdar Bayram Ghost Hot Spot SQL Injection Vulnerability in Login Component

A SQL injection vulnerability has been identified in the Ghost Hot Spot application by Serdar Bayram, specifically in versions prior to 20251014. The issue arises in the Login component, within an unknown function of the Auth.php file. This vulnerability allows remote, unauthenticated attackers to manipulate SQL queries by injecting unsanitized input from usernames and passwords. Exploitation of this flaw could lead to unauthorized access to database contents, such as credentials stored in the ghost_users table.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can manipulate database queries to exfiltrate or modify database information. In this case, it could be used to access sensitive user credentials.

Reproduction

The vulnerability can be reproduced by sending a login request with crafted username and password inputs that include SQL injection payloads. The injection takes place in the Auth.php file, where the login handler improperly sanitizes the input before incorporating it into SQL queries. This flaw can be exploited remotely without any authentication.