C4G Basic Laboratory Information System SQL Injection Vulnerability

Vulnerability

C4G Basic Laboratory Information System (BLIS) version 3.4 contains multiple SQL injection vulnerabilities. They allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious payloads through the 'site' parameter. Exploitation occurs via GET requests to the 'users_select.php' endpoint and enables attackers to extract sensitive database information such as patient records and system credentials.

Impact

Exploitation of these vulnerabilities allows for arbitrary SQL command execution, leading to unauthorized access and extraction of sensitive database information, including patient records and system credentials.

Reproduction

The vulnerability can be reproduced by sending a GET request to the 'ajax/users_select.php' endpoint with a crafted 'site' parameter that includes SQL injection payloads. This can be done using a tool like sqlmap, which can automate the exploitation of SQL injection vulnerabilities.

Remediation

Validate application inputs properly to prevent SQL injection. Use prepared statements and parameterized queries so that user-supplied values are bound as data and are never interpreted as part of the SQL command text.
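The following is an added illustration of that remediation in PHP, the language BLIS is written in; it is not code from the BLIS project or from the advisory. It assumes a PDO connection and a hypothetical `users` table with `user_id`, `username` and `site_id` columns; only the 'site' GET parameter name comes from the advisory. The first function shows the unsafe concatenation pattern that produces this class of bug, the second shows the parameterized replacement.

```php
<?php
// Added example, not BLIS code. Table and column names are assumptions;
// the 'site' request parameter is the one named in the advisory.

// Unsafe pattern: the raw GET value is concatenated into the SQL text,
// so a crafted value changes the query itself.
function listUsersVulnerable(PDO $db, array $get): array
{
    $site = $get['site'] ?? '';
    $sql = "SELECT user_id, username FROM users WHERE site_id = '" . $site . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: validate the expected type, then bind the value as a
// parameter so the database driver treats it strictly as data.
function listUsersSafe(PDO $db, array $get): array
{
    // site_id is assumed to be an integer key; anything else is rejected up front.
    $site = filter_var($get['site'] ?? null, FILTER_VALIDATE_INT);
    if ($site === false || $site === null) {
        http_response_code(400);
        return [];
    }

    $stmt = $db->prepare('SELECT user_id, username FROM users WHERE site_id = :site');
    $stmt->bindValue(':site', $site, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Connection setup (assumed DSN and credentials). Disabling emulated prepares
// makes the server, not the PHP driver, perform the parameter binding.
$db = new PDO('mysql:host=localhost;dbname=blis', 'blis_user', 'changeme', [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES   => false,
]);

header('Content-Type: application/json');
echo json_encode(listUsersSafe($db, $_GET));
```

Binding the value with `PDO::PARAM_INT` after `FILTER_VALIDATE_INT` gives two independent layers: the type check rejects malformed input before any query runs, and the prepared statement keeps whatever does reach the database out of the SQL grammar. The same pattern applies to every other request parameter the endpoint reads.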

Added: Apr 5, 2026, 9:33 PM
Updated: Apr 5, 2026, 9:33 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 3.1
exploitability: 9.1
remediation: 0.0
relevance: 5.3
threat: 6.4
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.