SourceCodester Farm Management System SQL Injection Vulnerability in myCart.php
Vulnerability
A SQL injection vulnerability has been identified in SourceCodester Farm Management System version 1.0, specifically within the myCart.php file. The issue arises from inadequate validation of the 'pid' parameter, allowing attackers to inject malicious SQL queries. This vulnerability can be exploited remotely by authenticated users, as the system requires an active session to access the myCart.php page.
Impact
Exploitation of this vulnerability allows an authenticated attacker to inject SQL commands through the 'pid' parameter, potentially leading to unauthorized database access, data manipulation, and disclosure of sensitive information.
Reproduction
To reproduce this vulnerability, an authenticated user must send a request to the myCart.php file with the 'flag' parameter set and the 'pid' parameter manipulated to include a crafted SQL payload. This can be done using a tool like sqlmap, which automates the injection process and exploits the vulnerability by extracting database information or executing arbitrary SQL commands.
Remediation
The vulnerability can be addressed by implementing prepared statements with parameter binding to prevent SQL injection. Additionally, input validation should be enforced to ensure that the 'pid' parameter only accepts expected data types. Minimizing database user permissions and conducting regular security audits are also recommended practices.
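The remediation above, as an added illustration that is not SourceCodester's code: a hypothetical query of the kind the advisory describes (the 'pid' value concatenated into the SQL string) beside the hardened form that validates 'pid' as a positive integer and binds it through a PDO prepared statement. The table and column names (products, id, name, price), the database name, the credentials and the session-cart handling are all assumptions; the real myCart.php source is not reproduced here.

```php
<?php
// Added example, not the project's code. Table, column and connection
// details are assumptions made for illustration.

// Vulnerable pattern: the 'pid' value is interpolated straight into the SQL
// text, so any non-numeric input changes the structure of the query.
function loadCartItemUnsafe(PDO $db, array $get): ?array
{
    $sql = "SELECT * FROM products WHERE id = '" . ($get['pid'] ?? '') . "'"; // DO NOT USE
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Hardened form: enforce the expected type first, then pass the value as a
// bound parameter so the database never parses user input as SQL.
function loadCartItemSafe(PDO $db, array $get): ?array
{
    // A product id can only be a positive integer; anything else is rejected
    // before it reaches the database layer.
    $pid = filter_var($get['pid'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($pid === false) {
        http_response_code(400);
        return null;
    }

    $stmt = $db->prepare('SELECT id, name, price FROM products WHERE id = :pid');
    $stmt->bindValue(':pid', $pid, PDO::PARAM_INT);
    $stmt->execute();

    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Assumed connection. With emulated prepares disabled, the statement and its
// parameters are sent to MySQL separately instead of being escaped client-side.
$pdo = new PDO('mysql:host=localhost;dbname=farm_db;charset=utf8mb4', 'farm_user', 'password', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false,
]);

if (isset($_GET['flag'])) {
    $item = loadCartItemSafe($pdo, $_GET);
    if ($item !== null) {
        $_SESSION['cart'][$item['id']] = $item; // assumed cart structure
    }
}
```

Because loadCartItemSafe only ever hands the database an integer, a request with a crafted 'pid' is answered with HTTP 400 before any query runs, and the prepared statement guards the query even if validation is later loosened. The account used for the connection (farm_user here) should hold only the SELECT and UPDATE grants the cart page needs, which limits what a future injection elsewhere in the application could reach.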