
Second-Order SQL Injection Exploit in OopsSec Store's Review Moderation Feature
Cybersecurity, SQL Injection, Vulnerability, Exploit, Database Security, Web Application Security, Second-Order SQL Injection, OopsSec Store, Review Moderation, Parameterized Queries
The article describes the exploitation of a second-order SQL injection vulnerability in the review moderation feature of the OopsSec Store. Unlike traditional SQL injection, this attack demonstrates how user inputs stored securely can become dangerous when reused in an unsecured SQL query. The attack unfolds in several steps: storing a malicious SQL payload in the "Display name" field of a review, obtaining administrative privileges, triggering the injection via the review moderation panel, and retrieving the flag. The vulnerability lies in the use of raw SQL queries with multi-statement support, allowing the execution of destructive commands like DROP TABLE reviews. The fix involves using secure parameterized queries.
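The pattern described above, as an added example that is not OopsSec Store's own code: a display name is stored safely through a bound parameter, then reused in a raw multi-statement query during moderation, next to the parameterized fix. The schema, the moderation query, the function names and the payload string are assumptions constructed for illustration, using Python's `sqlite3` with an in-memory database.

```python
import sqlite3

# Constructed payload; the page says only that the stored name leads to DROP TABLE reviews.
PAYLOAD = "mallory'; DROP TABLE reviews; --"

def make_db():
    # Assumed minimal schema, not the store's real one.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE reviews (id INTEGER PRIMARY KEY, display_name TEXT, status TEXT)")
    return db

def submit_review(db, display_name):
    # First order: a bound parameter stores the payload as inert text.
    cur = db.execute(
        "INSERT INTO reviews (display_name, status) VALUES (?, 'pending')", (display_name,))
    db.commit()
    return cur.lastrowid

def stored_name(db, review_id):
    rows = db.execute("SELECT display_name FROM reviews WHERE id = ?", (review_id,)).fetchall()
    return rows[0][0]

def moderate_vulnerable(db, review_id):
    # Second order: the value read back from the database is trusted and spliced
    # into raw SQL that is run through a multi-statement API.
    name = stored_name(db, review_id)
    db.executescript(f"UPDATE reviews SET status = 'approved' WHERE display_name = '{name}';")

def moderate_fixed(db, review_id):
    # Same operation with the stored value bound as a parameter, one statement only.
    name = stored_name(db, review_id)
    db.execute("UPDATE reviews SET status = 'approved' WHERE display_name = ?", (name,))
    db.commit()

def reviews_table_exists(db):
    q = "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = 'reviews'"
    return db.execute(q).fetchone() is not None

def run(moderate):
    # Returns (payload stored verbatim at write time, reviews table survives moderation).
    db = make_db()
    rid = submit_review(db, PAYLOAD)
    stored_verbatim = stored_name(db, rid) == PAYLOAD
    moderate(db, rid)
    return stored_verbatim, reviews_table_exists(db)

if __name__ == "__main__":
    print("vulnerable:", run(moderate_vulnerable))
    print("fixed:     ", run(moderate_fixed))
```

In both runs the write succeeds and the payload is stored unchanged, so input handling at submission time gives no signal; only the moderation-time query decides whether the stored text is treated as data or as SQL.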