Title: Saphplesson v4.3 Blind SQL Injection
Author: Jafer Al Zidjali
Tested on: Saphplesson v4.3 (previous versions may also be affected)

SaPHPLesson is prone to an SQL injection vulnerability. The vulnerable variable is in the global.php file:

    ..
    $userip = real_ip();
    $time = time();
    $isonline = $db->get_var("select count(*) from online where IP='$userip'"); //<---vulnerable
    ...

$userip is inserted directly into the SQL query. This vulnerability can be exploited to insert malicious SQL queries.
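
A hardened form of the lookup above, as an added example that is not SaPHPLesson's own code: the address is validated and then passed as a bound parameter instead of being concatenated into the query. Assumptions: `count_online()` is a hypothetical helper, PDO replaces the project's `$db` wrapper, and an in-memory SQLite table with constructed rows stands in for the real `online` table (requires the pdo_sqlite extension).

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not part of SaPHPLesson): counts rows in `online`
// for one address without ever concatenating it into the SQL text.
function count_online(PDO $pdo, string $userip): int
{
    // Reject anything that is not a syntactically valid IPv4/IPv6 address.
    if (filter_var($userip, FILTER_VALIDATE_IP) === false) {
        throw new InvalidArgumentException('client address is not a valid IP');
    }
    // The value travels as a bound parameter, so a quote in it stays data.
    $stmt = $pdo->prepare('SELECT COUNT(*) FROM online WHERE IP = :ip');
    $stmt->execute([':ip' => $userip]);
    return (int) $stmt->fetchColumn();
}

// Constructed test data: in-memory SQLite stands in for the real database.
// Only the IP column is taken from the page; the rest of the schema is unknown.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE online (IP TEXT)');
$pdo->exec("INSERT INTO online (IP) VALUES ('203.0.113.7')");

// Constructed inputs: a known address, an unknown one, and one with a quote.
foreach (['203.0.113.7', '198.51.100.9', "203.0.113.7'x"] as $candidate) {
    try {
        printf("%-16s -> %d row(s)\n", $candidate, count_online($pdo, $candidate));
    } catch (InvalidArgumentException $e) {
        printf("%-16s -> rejected: %s\n", $candidate, $e->getMessage());
    }
}
```

Either control alone closes the hole shown above; using both means a value that is not an IP address never reaches the database layer at all.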