Project: Github Paroxyste/Simply-Blog 20190102

Vulnerability: #9224522 (2019-01-02 06:08:03)

Warning

There are many false positives, or unexploitable vulnerabilities. Please create working "PoC" exploit before reporting anything to vendor!

Details:

Sink PHP::echo
Risk _GET
/Simply-Blog-master/posts/post.php:15 (show/hide source)
1  <?php
2  
3  require_once("../includes/database.php");
4  require_once("../includes/sessions.php");
5  require_once("../includes/functions.php");
6  
7  if(isset($_POST["submit"])) {
8  	$Name = mysqli_real_escape_string($Connection, $_POST["Name"]);
9  	$Email = mysqli_real_escape_string($Connection, $_POST["Email"]);
10  	$Comment = mysqli_real_escape_string($Connection, $_POST["Comment"]);
11  	$CurrentTime = time();
12  	$DateTime = date('d M Y', $CurrentTime);
13  	$DateTime;
14    $Author = "Laurent Echeverria";
15 $PostId = $_GET["id"];
16 17 if(empty($Name) || empty($Email) || empty($Comment)) {
Threat level 2

Callstack:

@INLINE::/Simply-Blog-master/blog.php /Simply-Blog-master/blog.php:123 (show/hide source)
103                            OR title LIKE '%$Search%' OR category LIKE '%$Search%' OR post LIKE '%$Search%'";
104            } else {
105                $ViewQuery = "SELECT * FROM admin_panel ORDER BY datetime DESC";
106            };
107  
108            $Execute = mysqli_query($Connection, $ViewQuery);
109  
110            while($DataRows = mysqli_fetch_array($Execute)) {
111              $PostId = $DataRows["id"];
112              $Datetime = $DataRows["datetime"];
113              $Title = $DataRows["title"];
114              $Category = $DataRows["category"];
115              $Admin = $DataRows["author"];
116              $Image = $DataRows["image"];
117              $Post = $DataRows["post"];
118            ?>
119  
120            <div class="col-md-4">
121              <div class="card card-plain card-blog">
122                <div class="card-header card-header-image">
123 <a href="posts/post.php?id=<?php echo $PostId; ?>">
124 <img class="img img-raised" src="../assets/img/uploads/<?php echo $Image; ?>"> 125 </a>