PHPGurukul Beauty Parlour Management System SQL Injection Vulnerability in Invoices Management

A SQL injection vulnerability has been identified in the PHPGurukul Beauty Parlour Management System version 1.1. The issue resides in the admin/invoices.php file, where the delid parameter is not properly validated, allowing attackers to inject malicious SQL queries. This vulnerability can be exploited remotely, without any authentication, potentially leading to unauthorized access and manipulation of the database.

Impact

Exploitation of this vulnerability allows attackers to inject malicious SQL queries, bypassing authentication and authorization. This could lead to unauthorized data access, modification or deletion of database records, and in some cases, executing administrative operations on the database.

Reproduction

The vulnerability can be reproduced by sending a GET request to the admin/invoices.php file with a crafted delid parameter that includes malicious SQL payloads. The injection can be verified by using time-based blind SQL injection techniques, such as causing the database to sleep for a specified duration before responding.

Remediation

It is recommended to implement input validation and sanitization for the delid parameter, ensuring that only expected values are accepted. Additionally, using prepared statements for database queries can help prevent SQL injection attacks by separating SQL code from user input.