1000 Projects Bookstore Management System SQL Injection Vulnerability

Vulnerability

A critical SQL injection vulnerability has been identified in the Bookstore Management System version 1.0. The flaw is in the file process_users_del.php, where the 'id' parameter is placed into an SQL query without validation or parameterization. An attacker who can issue this request (it is sent from the admin panel; see Reproduction) can supply a crafted 'id' value and execute arbitrary SQL against the application's database, leading to unauthorized data access or modification.

Impact

Successful exploitation lets an attacker change the logic of the query the application runs. Because the affected request deletes user records, the most direct outcome is deleting arbitrary or all users; beyond that, depending on the database driver and the privileges of the database account, the attacker may read or modify other data or perform administrative operations on the database.

Reproduction

To reproduce this vulnerability, log in to the admin panel, open the 'View Users' section and click 'Delete User' while an intercepting proxy is recording the request. The captured request to process_users_del.php carries the 'id' parameter of the user being deleted. Replacing its value with SQL syntax changes the query the application executes, because the value is neither validated nor parameterized.

Remediation

Use prepared statements with bound parameters for every query that incorporates request data. A parameterized query sends the SQL text and the data values to the database separately, so a supplied value is never parsed as part of the statement and cannot alter its structure; this is different from escaping, which rewrites the value but still embeds it in the query text. Because 'id' identifies a user record, also validate that it is an integer before it reaches the query, and reject the request otherwise.
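The following is an added example and is not code from the Bookstore Management System. It stands in for the delete handler described in the Reproduction and Remediation sections: a vulnerable version that concatenates the 'id' parameter into the DELETE statement, next to a hardened version that validates the value and binds it as a parameter. The users table, its rows, the payload and the function names are all constructed for the demo; it uses an in-memory SQLite database through PDO so it runs stand-alone with the php CLI.

```php
<?php
// Added example, not part of the original advisory or project.
// Run with: php sqli_demo.php (needs the pdo_sqlite extension, bundled with most builds).

// Constructed users table standing in for the application's real schema.
function makeDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');
    $db->exec("INSERT INTO users (id, name) VALUES (1, 'alice'), (2, 'bob'), (3, 'carol')");
    return $db;
}

// Vulnerable pattern: the request parameter is interpolated into the SQL text,
// so anything the client sends becomes part of the statement.
function deleteUserVulnerable(PDO $db, string $id): int {
    return $db->exec("DELETE FROM users WHERE id = $id");
}

// Hardened pattern: reject anything that is not a positive integer, then bind
// the value as a parameter so the database receives it as data, not as SQL.
function deleteUserSafe(PDO $db, string $id): int {
    if (!ctype_digit($id)) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    $stmt = $db->prepare('DELETE FROM users WHERE id = :id');
    $stmt->bindValue(':id', (int) $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

function countUsers(PDO $db): int {
    return (int) $db->query('SELECT COUNT(*) FROM users')->fetchColumn();
}

// Constructed payload standing in for a tampered 'id' parameter: in the vulnerable
// function it turns the WHERE clause into "id = 1 OR 1=1", which matches every row.
$payload = '1 OR 1=1';

$db = makeDb();
$deleted = deleteUserVulnerable($db, $payload);
printf("vulnerable handler: deleted %d rows, %d users remain\n", $deleted, countUsers($db));

$db = makeDb();
try {
    deleteUserSafe($db, $payload);
} catch (InvalidArgumentException $e) {
    printf("hardened handler: rejected payload (%s), %d users remain\n", $e->getMessage(), countUsers($db));
}
$deleted = deleteUserSafe($db, '2');
printf("hardened handler: legitimate request deleted %d row, %d users remain\n", $deleted, countUsers($db));
```

The integer check in deleteUserSafe is what the page's remediation calls proper validation; the bound parameter is the defence that holds even if validation is later weakened, because a value such as '1 OR 1=1' passed through bindValue is compared as a literal and can no longer change which rows the statement matches.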

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 6.0
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.