SQL Injection inside category creation (checkIfCategoryExists)

Description A user with the permission to Add category can abuse this feature to execute his own SQL queries. Proof of Concept Static code analysis The vulnerable php code is : php public function checkIfCategoryExistsarray $categoryData: int $query = sprintf "SELECT name from %sfaqcategories WHE...