Chaitak-Gorai Blogbook SQL Injection Vulnerability in user.php GET Parameter

A critical SQL injection vulnerability has been identified in the Blogbook application by Chaitak Gorai, specifically in versions up to commit 92f5cf90f8a7e6566b576fe0952e14e1c6736513. The issue arises in the user.php file within the GET parameter handler, where the u_id parameter can be manipulated to execute arbitrary SQL commands. This vulnerability can be exploited remotely, potentially leading to unauthorized access, modification, or deletion of database information, and in some cases, remote code execution.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can execute arbitrary SQL commands on the application's database. This could result in unauthorized data access, modification, or deletion. Additionally, in certain configurations, it could lead to remote code execution.

Reproduction

To reproduce this vulnerability, send a request to user.php with a crafted u_id parameter that includes SQL injection payloads. The application will execute the injected SQL commands, demonstrating the vulnerability.