Submission #787031: code-projects Easy Blog Site In PHP 1.0 SQL Injection

Title: code-projects Easy Blog Site In PHP 1.0 SQL Injection
Description: A SQL Injection vulnerability exists in the Easy Blog Site in PHP within the contact form functionality. The vulnerability occurs in the following endpoint: /blog/users/contact_us.php

The application processes user input submitted through an HTTP POST request. The name parameter is user-controlled and is incorporated into backend SQL queries without proper validation or sanitization. Testing confirmed that the name parameter is vulnerable to time-based SQL injection, indicating that attacker-supplied SQL expressions are executed by the database engine.

By injecting a crafted payload into the name parameter, an attacker can manipulate the SQL query. In the provided request, a delay-based SQL payload using the SLEEP() function was used:

name='+(select*from(select(sleep(20)))a)+'

When the request is processed, the server response is delayed by approximately 20 seconds, confirming successful execution of the injected SQL statement. This demonstrates that the application directly includes user input in SQL queries without using prepared statements or parameterized queries.
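The following is an added example and not code from the Easy Blog Site project or from the submitter: a minimal contact-form handler written to show the vulnerable pattern the report describes (user input concatenated into an INSERT) next to a prepared-statement version that removes it. The table name (contacts), the column names, the surrounding form fields and the connection parameters are all assumptions made for illustration.

```php
<?php
// Added example, not the project's code. Table/column names and the
// shape of the handler are assumptions; the report only states that the
// name parameter of /blog/users/contact_us.php reaches a SQL query unsanitized.

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// --- Vulnerable pattern (assumed reconstruction). The POST values are
// interpolated straight into the SQL text. With the report's payload the
// resulting statement becomes, roughly,
//   INSERT INTO contacts (name, email, message)
//   VALUES ('' + (select*from(select(sleep(20)))a) + '', '...', '...')
// so the subquery, and its 20 second SLEEP(), runs inside the database.
function save_contact_vulnerable(mysqli $db, array $post): bool
{
    $name    = $post['name']    ?? '';
    $email   = $post['email']   ?? '';
    $message = $post['message'] ?? '';

    $sql = "INSERT INTO contacts (name, email, message) "
         . "VALUES ('$name', '$email', '$message')";   // injectable
    return $db->query($sql) === true;
}

// --- Hardened version. The query text is fixed; the values are sent as
// bound parameters, so anything in $name is stored as a string and is
// never parsed as SQL. Length and e-mail checks are defence in depth,
// the prepared statement is the actual fix.
function save_contact_safe(mysqli $db, array $post): bool
{
    $name    = trim((string)($post['name']    ?? ''));
    $email   = trim((string)($post['email']   ?? ''));
    $message = trim((string)($post['message'] ?? ''));

    if ($name === '' || mb_strlen($name) > 100
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false
        || $message === '') {
        return false;
    }

    $stmt = $db->prepare(
        'INSERT INTO contacts (name, email, message) VALUES (?, ?, ?)'
    );
    $stmt->bind_param('sss', $name, $email, $message);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Usage with placeholder credentials (assumed, not the project's config):
// $db = new mysqli('localhost', 'blog', 'secret', 'blog');
// $db->set_charset('utf8mb4');
// save_contact_safe($db, $_POST);
```

The same request that delays the vulnerable handler by about 20 seconds returns immediately against the safe version, because the literal `'+(select*from(select(sleep(20)))a)+'` is inserted as the contact's name rather than evaluated; that timing difference is also the quickest way to confirm a fix has been deployed.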
Source: https://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/SQL%20Injection%20in%20Easy%20Blog%20Site%20PHP%20name%20Parameter.md
User: AhmadMarzouk (UID 95993)
Submission: 24/03/2026 12:49 (18 days ago)
Moderation: 08/04/2026 16:39 (15 days later)
Status: Accepted
VulDB Entry: 356243 [code-projects Easy Blog Site up to 1.0 /users/contact_us.php name SQL Injection]
Points: 20