Submit #797302: SourceCodester SourceCodester KLiK Social Media Website v1.0.1 SQL Injectioninfo

TitleSourceCodester SourceCodester KLiK Social Media Website v1.0.1 SQL Injection
DescriptionSQL Injection vulnerability in /includes/get_message_ajax.php via c_id parameter. Unauthenticated attackers can execute arbitrary SQL commands using time-based blind injection (SLEEP(5)) and UNION-based injection to extract database information including user credentials, private messages, and system data.
Source⚠️ https://github.com/msaad1999/KLiK-SocialMediaWebsite
User
 g111 (UID 92409)
Submission04/05/2026 07:54 (3 months ago)
Moderation04/24/2026 22:22 (20 days later)
StatusAccepted
VulDB entry359561 [KLiK SocialMediaWebsite up to 1.0.1 Private Message get_message_ajax.php c_id sql injection]
Points18

Interested in the pricing of exploits?

See the underground prices here!