Headline
CVE-2015-10070: Parameterize queries to prevent against SQL injection · copperwall/twiddit@2203d4c
A vulnerability was found in copperwall Twiddit. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation leads to sql injection. The name of the patch is 2203d4ce9810bdaccece5c48ff4888658a01acfc. It is recommended to apply a patch to fix this issue. The identifier VDB-218897 was assigned to this vulnerability.
@@ -37,10 +37,17 @@
$app->get('/feed’, function() use ($app) {
$db = TwidditDB::db();
$username = $_COOKIE[‘user’];
$query = "select redditor
from followingRedditors
where ‘$username’ = userName";
$result = $db->query($query);
$query = <<<EOT
SELECT `redditor`
FROM `followingRedditors`
WHERE `userName` = :username
EOT;
$statement = $db->prepare($query);
$statement->bindParam(':username’, $username);
$statement->execute();
$result = $statement->fetchAll(PDO::FETCH_ASSOC);
$users = [];
foreach ($result as $row) {
$users[] = $row[‘redditor’];
@@ -50,18 +57,26 @@
echo json_encode($comments);
});
$app->get('/subreddits’, function() use ($app) {
$db = TwidditDB::db();
$username = $_COOKIE[‘user’];
$query = "select subreddit
from followingSubreddit
where ‘$username’ = userName";
$result = $db->query($query);
$subreddit = [];
foreach ($result as $row) {
$subreddit[] = $row[‘subreddit’];
$query = <<<EOT
SELECT `subreddit`
FROM `followingSubreddit`
WHERE `userName` = :username
EOT;
$statement = $db->prepare($query);
$statement->bindParam(':username’, $username);
$statement->execute();
$results = $statement->fetchAll(PDO::FETCH_ASSOC);
$subreddits = [];
foreach ($results as $row) {
$subreddits[] = $row[‘subreddit’];
}
$data = Reddit::getSubredditPosts($subreddit);
$data = Reddit::getSubredditPosts($subreddits);
echo json_encode($data);
});
@@ -107,7 +122,6 @@
}
});
$app->post('/signup’, function() use ($app) {
$db = TwidditDB::db();
$username = $app->request->post(‘username’);