SQL Injection - Wine Search
TaintedPort
Vuln ID: TP-003
Title: SQL Injection - Wine Search
Severity: critical
Type: SQLi
HTTP Method: GET
URL: /wines
Parameter: search
Filename: -
Code Location: backend/api/models/Wine.php -> getAll() line 18
Description: The `search` query parameter is concatenated directly into the `LIKE` clause of the query built in `getAll()` instead of being bound as a statement parameter, so the caller controls the SQL. Closing the string literal and appending a `UNION SELECT` with the same column count as the wines query returns rows from any table the application's database user can read; the proof of concept below pulls email, password hash and name from `users`, and the trailing `--` comments out the rest of the original query.
Proof of Concept: search=' UNION SELECT 1,email,password_hash,name,5,6,7,8 FROM users--
Remediation: Use a prepared statement and bind the search term as a parameter; build the wildcard pattern (leading and trailing `%`) in PHP and pass the whole pattern as the bound value rather than splicing anything into the SQL string. If users should not be able to supply wildcards, also escape literal `%` and `_` in the term and declare the escape character with an `ESCAPE` clause.
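To show both the proof of concept and the remediation in runnable form, the following is an added example in Python against an in-memory SQLite database; it is not code from the TaintedPort project, whose `Wine.php` is PHP. The eight-column `wines` schema, the `users` table and the sample rows are constructed here to match the eight-column `UNION` in the PoC; `get_all_vulnerable` mirrors the reported concatenation, `get_all_fixed` is the bound-parameter version with escaped wildcards, and all three function names are hypothetical.

```python
import sqlite3

# Constructed schema and data (an assumption): the PoC's UNION lists eight
# columns, so the wines table is given eight columns. The real TaintedPort
# schema is not known from the report.
SCHEMA = """
CREATE TABLE wines (
    id INTEGER PRIMARY KEY, name TEXT, region TEXT, grape TEXT,
    vintage INTEGER, price REAL, stock INTEGER, notes TEXT
);
CREATE TABLE users (
    id INTEGER PRIMARY KEY, email TEXT, password_hash TEXT, name TEXT
);
INSERT INTO wines VALUES (1, 'Chateau Foo', 'Bordeaux', 'Merlot', 2015, 42.0, 12, 'dry');
INSERT INTO wines VALUES (2, 'Bar Riesling', 'Mosel', 'Riesling', 2019, 18.5, 30, 'sweet');
INSERT INTO users VALUES (1, 'admin@example.com', '$2y$10$fakehash', 'Admin');
"""

# The payload exactly as given in the report's proof of concept.
POC_PAYLOAD = "' UNION SELECT 1,email,password_hash,name,5,6,7,8 FROM users--"


def make_db():
    """Create the constructed in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def get_all_vulnerable(conn, search):
    """Mirrors the reported defect: the term is spliced into the LIKE clause.

    With the PoC payload the statement becomes
    SELECT * FROM wines WHERE name LIKE '%' UNION SELECT ... FROM users--%'
    so every wine row plus every users row comes back.
    """
    sql = "SELECT * FROM wines WHERE name LIKE '%" + search + "%'"
    return conn.execute(sql).fetchall()


def escape_like(term):
    """Escape the LIKE metacharacters so the user's text is matched literally.

    Backslash is escaped first so an attacker cannot neutralise the escaping
    of a following % or _.
    """
    return (term.replace("\\", "\\\\")
                .replace("%", "\\%")
                .replace("_", "\\_"))


def get_all_fixed(conn, search):
    """Remediation: bind the term, build the wildcard pattern in code.

    The SQL text is constant; the only variable part travels as a bound
    parameter, so quotes, UNION and comment markers in the term are just
    characters to match. The ESCAPE clause makes % and _ in the term literal.
    """
    pattern = "%" + escape_like(search) + "%"
    sql = "SELECT * FROM wines WHERE name LIKE ? ESCAPE '\\'"
    return conn.execute(sql, (pattern,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", get_all_vulnerable(db, POC_PAYLOAD))  # includes the users row
    print("fixed:     ", get_all_fixed(db, POC_PAYLOAD))       # []
    print("fixed, benign:", get_all_fixed(db, "Foo"))          # one wine row
```

The same shape applies in PHP: keep the `ESCAPE` clause in the constant SQL text, compute `'%' . $escaped . '%'` in code, and pass it as the bound value of a prepared statement. The `Ch_teau` case in the checks below shows why the escaping matters even after binding: a bound `_` still acts as a single-character wildcard unless it is escaped.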