Code-Projects Student File Management System SQL Injection Vulnerability in Update User PHP File

Vulnerability

A SQL injection vulnerability exists in the Code-Projects Student File Management System version 1.0, specifically within the admin/update_user.php file. The user_id parameter is passed into SQL queries without sanitization, so a crafted value can inject arbitrary SQL, allowing attackers to read the database, modify or delete data, and extract sensitive information. The vulnerability can be exploited remotely without authentication.

Impact

Exploitation of this vulnerability allows for unauthorized database access, data manipulation, and potential system control, posing a significant risk to data integrity and system operations.

Reproduction

The vulnerability can be reproduced by sending a POST request to the update_user.php file with a crafted user_id parameter. This parameter should include SQL injection payloads, such as boolean-based blind injection or UNION-based injections, to exploit the vulnerability.

Remediation

It is recommended to use prepared statements and parameter binding to prevent SQL injection, validate and filter user input, and limit database user permissions to the minimum required.
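A hardened version of the update handler that applies these recommendations, as an added example rather than the project's own code (the `users` table and its column names, the `admin_id` session key, and the connection details are assumptions or placeholders):

```php
<?php
// Added example, not code from the Code-Projects project: a hardened handler for the
// user_id parameter of admin/update_user.php. The `users` table, its column names,
// the session key and the connection details are assumptions/placeholders.
declare(strict_types=1);

$pdo = new PDO('mysql:host=localhost;dbname=DB_NAME_PLACEHOLDER;charset=utf8mb4',
    'DB_USER_PLACEHOLDER', 'DB_PASSWORD_PLACEHOLDER',
    [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_EMULATE_PREPARES => false]);

// Weak pattern the advisory describes: the raw parameter becomes part of the SQL text.
//   $sql = "UPDATE users SET fullname='$_POST[fullname]' WHERE user_id=" . $_POST['user_id'];

// Validate user_id as a positive integer; null means "reject the request".
// Non-numeric input never reaches the database, so injection payloads are refused up front.
function validateUserId(mixed $raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Prepared statement with bound, typed parameters: values are sent separately from
// the query text, so they can never change its structure.
function updateUserName(PDO $pdo, int $userId, string $fullname): int
{
    $stmt = $pdo->prepare('UPDATE users SET fullname = :fullname WHERE user_id = :id');
    $stmt->bindValue(':fullname', $fullname, PDO::PARAM_STR);
    $stmt->bindValue(':id', $userId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Accept only POST from an authenticated admin (the advisory notes the endpoint was
// reachable without authentication), and fail closed on bad input.
session_start();
if ($_SERVER['REQUEST_METHOD'] !== 'POST' || empty($_SESSION['admin_id'])) {
    http_response_code(403);
    exit('forbidden');
}
$userId = validateUserId($_POST['user_id'] ?? null);
if ($userId === null) {
    http_response_code(400);
    exit('invalid user_id');
}
$rows = updateUserName($pdo, $userId, trim((string) ($_POST['fullname'] ?? '')));
echo $rows === 1 ? 'updated' : 'no such user';
```

The database account used for the connection should additionally be restricted to the UPDATE/SELECT privileges the admin pages actually need, so that even a future injection bug cannot drop tables or read unrelated schemas.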

Added: Dec 13, 2025, 5:34 PM
Updated: Dec 13, 2025, 5:34 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 8.7
remediation: 0.0
relevance: 1.5
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.