Code-Projects Student Crud Operation SQL Injection Vulnerability in Delete.php

Vulnerability

A critical SQL injection vulnerability has been identified in Code-Projects Student Crud Operation version 3.3. The issue resides in the delete.php file, where the value of the 'id' GET parameter is used in a SQL query without validation or parameterization. This allows remote exploitation, leading to unauthorized mass deletion of records in the 'card_activation' table. The vulnerability is classified under CWE-89 (SQL Injection) and has a CVSS v3.1 score of 7.3.

Impact

Exploitation of this vulnerability allows for unauthenticated SQL injection, enabling attackers to execute destructive SQL commands. This could result in the mass deletion of records from the 'card_activation' table, with potential for broader SQL manipulation depending on server configurations.

Reproduction

To reproduce this vulnerability, access the delete.php file with a crafted 'id' parameter that exploits the SQL injection flaw. This can be done by sending a request whose 'id' value carries an SQL injection payload, such as '1 OR 1=1 --', which alters the query's WHERE clause so that it no longer targets a single record and allows arbitrary SQL to be injected.

Remediation

It is recommended to use prepared statements for database queries to prevent SQL injection. Additionally, implement proper validation of input parameters, require authentication for sensitive operations, and consider using POST requests for actions that modify data.
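The following hardened delete handler is an added illustration of the remediation steps above; it is not the project's own delete.php. It assumes a mysqli connection in $conn provided by a hypothetical db.php, a login that sets $_SESSION['user_id'], and that the 'card_activation' table's key column is named id.

```php
<?php
// Hardened delete handler (constructed example, not the project's delete.php).
// Vulnerable pattern the advisory describes, for contrast (also constructed):
//   mysqli_query($conn, "DELETE FROM card_activation WHERE id=" . $_GET['id']);
// The user-supplied value becomes part of the SQL text, so "1 OR 1=1 --"
// rewrites the WHERE clause. Everything below prevents that.
session_start();
require_once 'db.php';   // assumed to define $conn (mysqli)

// 1. Require authentication: deleting records is a sensitive operation.
if (empty($_SESSION['user_id'])) {
    http_response_code(401);
    exit('Authentication required');
}

// 2. Accept only POST for a state-changing action, never a GET link.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    header('Allow: POST');
    exit('Method not allowed');
}

// 3. Validate the parameter: a positive integer and nothing else.
//    filter_input returns null when the field is missing, false when invalid.
$id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT,
                   ['options' => ['min_range' => 1]]);
if ($id === null || $id === false) {
    http_response_code(400);
    exit('Invalid id');
}

// 4. Parameterize: the value is bound as an integer, never concatenated into
//    the query text, so it cannot change the statement's structure.
$stmt = $conn->prepare('DELETE FROM card_activation WHERE id = ? LIMIT 1');
if ($stmt === false) {
    http_response_code(500);
    exit('Database error');
}
$stmt->bind_param('i', $id);
$stmt->execute();
$deleted = $stmt->affected_rows;   // 0 or 1, never the whole table
$stmt->close();

header('Location: index.php?deleted=' . $deleted);
exit;
```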

Added: Oct 6, 2025, 6:21 PM
Updated: Oct 6, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 0.7
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.