SourceCodester Simple Forum Discussion System SQL Injection Vulnerability in admin_class.php
Vulnerability
A SQL injection vulnerability has been identified in SourceCodester Simple Forum Discussion System version 1.0. The issue resides in the login action of the admin_class.php file. Remote attackers can manipulate the Username parameter to inject malicious SQL that the application then executes. Exploitation does not require authentication.
Impact
Exploitation of this vulnerability allows attackers to execute arbitrary SQL commands, potentially leading to unauthorized database access, data manipulation or deletion, and exposure of sensitive information.
Reproduction
To reproduce this vulnerability, send a POST request to the /forum/admin_class.php?action=login endpoint with a crafted payload in the username parameter, for example a time-based blind SQL injection payload that causes the database to sleep for a few seconds.
Remediation
It is recommended to use prepared statements and parameter binding to prevent SQL injection, validate and filter user input, minimize database user permissions, and conduct regular security audits.
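The first two recommendations, sketched as an added example (not the project's code): a login check that validates the username and passes it as a bound parameter. The table and column names, the function names and the stored-hash scheme are assumptions, and an in-memory SQLite database (PDO with the SQLite driver) stands in for the application's database so the example runs offline.

```php
<?php
declare(strict_types=1);

// Constructed in-memory database standing in for the forum's user table.
// Table and column names are assumptions, not taken from admin_class.php.
function make_demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (
        id INTEGER PRIMARY KEY,
        username TEXT UNIQUE NOT NULL,
        password_hash TEXT NOT NULL)');
    $ins = $pdo->prepare('INSERT INTO users (username, password_hash) VALUES (:u, :p)');
    $ins->execute([
        ':u' => 'admin',
        ':p' => password_hash('constructed-demo-password', PASSWORD_DEFAULT),
    ]);
    return $pdo;
}

// Hypothetical login check. The username is validated, then passed as a bound
// parameter, so it is only ever compared as data and never parsed as SQL.
function check_login(PDO $pdo, $username, $password): bool
{
    // Input validation as a second layer: reject non-strings and odd lengths.
    if (!is_string($username) || !is_string($password)) {
        return false;
    }
    if ($username === '' || strlen($username) > 64) {
        return false;
    }
    $stmt = $pdo->prepare('SELECT password_hash FROM users WHERE username = :username');
    $stmt->execute([':username' => $username]);
    $hash = $stmt->fetchColumn();
    // Compare against a stored hash instead of putting the password in the query.
    return is_string($hash) && password_verify($password, $hash);
}

$pdo = make_demo_db();
// Constructed inputs: a valid login, a username carrying quote characters,
// and an array value such as PHP builds from a username[]=... form field.
var_dump(check_login($pdo, 'admin', 'constructed-demo-password'));
var_dump(check_login($pdo, "admin'\"", 'constructed-demo-password'));
var_dump(check_login($pdo, ['admin'], 'constructed-demo-password'));
```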
