A remote attacker could potentially exploit this vulnerability to obtain sensitive information. It is recommended that site administrators review the id parameter to see if it is vulnerable to SQL injection.
An unauthenticated user could also potentially exploit this issue by forging the request to the remote service and injecting their own SQL code. In most cases, however, the id parameter is used for identification purposes only and should not be treated as a secret key.
SQL Injection using id Parameter
SQL Injection vulnerabilities can be exploited by an unauthenticated user to gain access to sensitive information. This vulnerability could allow the attacker to obtain any information held in the database.
For example, if the id parameter were considered a secret key, an attacker could use this vulnerability to change their status from “active” to “inactive” or they could delete all of their data.
CVE-2023-36733
A remote attacker could exploit this vulnerability to perform a cross-site scripting attack.
SQL Injection with id
SQL injection is a common vulnerability that can be used to obtain sensitive information like passwords, session tokens, and even source code. It's important to prevent this type of attack by ensuring that your application uses parameterized queries, which keep user-supplied values separate from the SQL statement so that unauthenticated users cannot inject SQL code.
Vulnerable Code
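$id = $_GET['id'];  // untrusted request value, used without validation
$query = "SELECT * FROM users WHERE id=$id";  // value is interpolated directly into the SQL text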
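The parameterized form of the query above, as an added example that is not code from the affected application. The in-memory SQLite database, the column names, the sample rows and the helper names make_demo_db and find_user_by_id are assumptions made so the block runs on its own.

```php
<?php
declare(strict_types=1);

// Constructed sample data: an in-memory SQLite database stands in for the
// application's real database. The table layout is an assumption.
function make_demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, status TEXT)');
    $pdo->exec("INSERT INTO users (id, name, status) VALUES
                (1, 'alice', 'active'), (2, 'bob', 'inactive')");
    return $pdo;
}

// Hypothetical helper: returns the matching row, or null when the id is
// malformed or no such user exists.
function find_user_by_id(PDO $pdo, string $rawId): ?array
{
    // Reject anything that is not a positive integer before touching the database.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }

    // The value is bound as data; it is never concatenated into the SQL text,
    // so the statement's structure is fixed when it is prepared.
    $stmt = $pdo->prepare('SELECT id, name, status FROM users WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();

    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$pdo = make_demo_db();

// Constructed inputs: one well-formed id followed by malformed values that the
// original string-built query would have passed straight to the database.
foreach (['1', '1 OR 1=1', "2'", '', '-5'] as $input) {
    $row = find_user_by_id($pdo, $input);
    printf("%-12s => %s\n", var_export($input, true),
           $row !== null ? $row['name'] : 'rejected or not found');
}
```

In a real handler the string passed to find_user_by_id would be $_GET['id'], with the PDO connection pointing at the application's own database.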
Timeline
Published on: 08/30/2022 21:15:00 UTC
Last modified on: 09/01/2022 07:00:00 UTC