CVE-2022-30478

Vulnerability

A SQL injection vulnerability exists in the keyword parameters of search_product.php in Ecommerce-project-with-php-and-mysqli-Fruits-Bazar version 1.0. The application fails to properly sanitize user-supplied input before incorporating it into SQL queries, allowing an attacker to inject arbitrary SQL commands. This component is publicly accessible without authentication.[1][3]

Exploitation

An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable search_product.php script with a malicious value in the keyword parameter. The attacker does not require any prior authentication or special privileges; the issue is remotely triggerable. A proof-of-concept exists demonstrating the injection of SQL commands that can be executed against the backend MySQL database.[2][3]

Impact

Successful exploitation allows the attacker to execute arbitrary SQL queries against the database, potentially leading to unauthorized access to sensitive data, modification of existing data, or complete compromise of the application's database. The attacker gains the same privileges as the database user configured for the application, which could include the ability to read, write, or delete records.[3]

Mitigation

No official patch or fixed version has been released by the vendor. Affected users should consider implementing input validation and using parameterized queries in search_product.php to prevent SQL injection. Until a fix is available, the application may remain vulnerable.[1][3]