🛒 sekumart: deals so good it should be illegal

Source: catalog (security level: low)

Flip the security level in the header to compare the vulnerable and fixed code paths.

<?php
// LOW: sort column concatenated into ORDER BY -> ORDER-BY SQL injection (different context: no quotes)
$sort = isset($_GET['sort']) ? $_GET['sort'] : 'id';
$q = "SELECT id,name,price FROM products ORDER BY $sort";
$res = @mysqli_query(db(), $q);
$rows = array();
$rows_error = null;
if ($res) {
    while ($r = mysqli_fetch_assoc($res)) $rows[] = $r;
} else {
    $rows_error = mysqli_error(db());
}
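
A column name in ORDER BY is an identifier, so it cannot be bound as a prepared-statement parameter, and quoting or escaping the value does not help because the injection context has no quotes. The usual fix is an allowlist, sketched below as an added example (not sekumart's own fixed code path). The `order_by_clause()` helper, the `dir` parameter and the sample requests are assumptions made for illustration.

```php
<?php
// Added example: map the user-supplied sort key through an allowlist so that
// only strings written in this file ever reach the SQL text.

// Hypothetical helper: returns a safe "column direction" fragment.
function order_by_clause(array $query, array $allowed, string $default = 'id'): string
{
    $key = $query['sort'] ?? $default;
    // Non-strings (e.g. ?sort[]=x) and unknown keys fall back to the default.
    if (!is_string($key) || !array_key_exists($key, $allowed)) {
        $key = $default;
    }
    // Direction is reduced to one of two fixed keywords.
    $dir = $query['dir'] ?? 'asc';
    $dir = (is_string($dir) && strtolower($dir) === 'desc') ? 'DESC' : 'ASC';
    return $allowed[$key] . ' ' . $dir;
}

// Public sort key => column identifier for the page's products table.
$allowed = array(
    'id'    => '`id`',
    'name'  => '`name`',
    'price' => '`price`',
);

// Constructed sample requests standing in for $_GET.
$samples = array(
    array('sort' => 'price', 'dir' => 'desc'), // valid key and direction
    array('sort' => 'name'),                   // valid key, default direction
    array('sort' => 'price, name'),            // not an allowlisted key
    array('sort' => array('x')),               // array instead of string
    array(),                                   // no parameters at all
);

foreach ($samples as $s) {
    // In the catalog page this string would be passed to mysqli_query(db(), $q).
    $q = 'SELECT id,name,price FROM products ORDER BY ' . order_by_clause($s, $allowed);
    echo $q, "\n";
}
```

Anything that is not an exact allowlist key sorts by `id`, so the request value itself is never copied into the query.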