projectworlds Online Art Gallery Shop adminHome.php sql injection
Description
A flaw has been found in projectworlds Online Art Gallery Shop 1.0. Impacted is an unknown function of the file /admin/adminHome.php. Executing a manipulation of the argument social_linked can lead to SQL injection. The attack can be executed remotely. The exploit has been published and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Unauthenticated SQL injection in projectworlds Online Art Gallery Shop 1.0 via the social_linked parameter in /admin/adminHome.php.
Vulnerability
A SQL injection vulnerability exists in /admin/adminHome.php of projectworlds Online Art Gallery Shop version 1.0. The social_linked parameter is passed directly into SQL queries without proper sanitization or validation, allowing an attacker to inject arbitrary SQL commands [1]. No authentication is required to reach the vulnerable endpoint [1].
Exploitation
An unauthenticated attacker can send a crafted POST request to /admin/adminHome.php with a malicious payload in the social_linked parameter. Proof-of-concept code has been published, demonstrating boolean-based blind injection using RLIKE clauses to extract data [1]. The attack can be executed remotely without any user interaction or prior privileges [1].
Impact
Successful exploitation allows an attacker to perform unauthorized database operations, including reading sensitive data, modifying or deleting records, and potentially gaining comprehensive control over the application. This can lead to data leakage, integrity loss, and service disruption [1].
Mitigation
As of the published date of this CVE, no official fix has been released by projectworlds. The vendor has not provided a patched version or workarounds. Users should immediately restrict network access to the admin panel, apply input validation and parameterized queries, or consider migrating to an alternative solution if no update is forthcoming [1].
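The following is an added illustration of the "input validation and parameterized queries" recommendation above; it is not code from projectworlds or from the advisory. It reconstructs the unsafe pattern the advisory describes (request input concatenated into SQL) next to a hardened version, and adds the session check the advisory implies is missing. The table name (settings), column names and the session key are assumptions.

```php
<?php
// Added example, not the project's code. Table/column names and the
// session key used below are assumptions for illustration only.

// Vulnerable pattern: the social_linked value is concatenated straight
// into the query text, so quotes or operators in the input become SQL.
function updateSocialLinkUnsafe(mysqli $db, array $post): bool
{
    $link = $post['social_linked'] ?? '';
    $sql  = "UPDATE settings SET social_linked = '" . $link . "' WHERE id = 1";
    return (bool) $db->query($sql);
}

// Hardened version: the value is bound as a parameter of a prepared
// statement, so it is never parsed as SQL and cannot change the query
// structure. Input is also validated before it reaches the database.
function updateSocialLinkSafe(PDO $db, array $post): bool
{
    $link = $post['social_linked'] ?? '';

    // Defence in depth: a social-profile link must look like a URL and
    // fit the (assumed) column width; anything else is rejected outright.
    if (filter_var($link, FILTER_VALIDATE_URL) === false || strlen($link) > 255) {
        http_response_code(400);
        return false;
    }

    $stmt = $db->prepare('UPDATE settings SET social_linked = :link WHERE id = 1');
    return $stmt->execute([':link' => $link]);
}

// The advisory notes the endpoint needs no authentication; an admin page
// should refuse requests without an established admin session.
function requireAdminSession(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION['admin_id'])) {   // 'admin_id' is an assumed key
        http_response_code(403);
        exit('Forbidden');
    }
}

// Builds a PDO connection that uses real server-side prepared statements
// and raises exceptions on error instead of failing silently.
function connectDb(string $dsn, string $user, string $pass): PDO
{
    return new PDO($dsn, $user, $pass, [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
}

// Typical request flow for the admin page (assumed DSN and credentials):
// requireAdminSession();
// $db = connectDb('mysql:host=localhost;dbname=artgallery;charset=utf8mb4', 'user', 'pass');
// updateSocialLinkSafe($db, $_POST);
```

Disabling PDO::ATTR_EMULATE_PREPARES matters: with emulation on, the driver interpolates bound values client-side, which is still safe when the charset is set correctly but does not give the server-side separation of code and data that the prepared statement is meant to provide.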
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: =1.0
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- github.com/Quafather/cve/issues/1 (mitre; exploit; issue-tracking)
- vuldb.com/submit/813133 (mitre; third-party-advisory)
- vuldb.com/vuln/365327 (mitre; vdb-entry; technical-description)
- vuldb.com/vuln/365327/cti (mitre; signature; permissions-required)
News mentions
No linked articles in our index yet.