1000 Projects Bookstore Management System SQL Injection Vulnerability

A critical SQL injection vulnerability has been identified in the Bookstore Management System version 1.0, developed by 1000 Projects. The issue arises in the 'addtocart.php' file, where the 'bcid' parameter is not properly sanitized before being included in the SQL query. This flaw allows for remote exploitation of the application.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can manipulate database queries. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.

Reproduction

To reproduce this vulnerability, log into the application and navigate to the 'addtocart.php' file. Once there, add a book to the cart while intercepting the request. The 'bcid' parameter can be manipulated by injecting a payload that exploits the SQL query handling. After sending the modified request, the injection can be confirmed by, for example, using a time-based payload that delays the response, indicating successful exploitation.

Remediation

It is recommended to use prepared statements for SQL queries to prevent SQL injection vulnerabilities.