FantasticLBP Hotels_Server
cpe:2.3:a:hotels_server_project:hotels_server:*:*:*:*:*:*:*
- <= 67b44df162fab26df209bd5d5d542875fcbec1d0
A SQL injection vulnerability has been identified in the FantasticLBP Hotels_Server application, specifically in the Room.php file within the API controller. This issue affects all versions of the application prior to the commit 67b44df162fab26df209bd5d5d542875fcbec1d0. The vulnerability arises from inadequate validation of the 'hotelId' parameter, allowing attackers to inject malicious SQL queries. This injection can be exploited remotely, without the need for authentication, potentially leading to unauthorized database access, data manipulation, and exposure of sensitive information.
Exploitation of this vulnerability allows for SQL injection, enabling attackers to interfere with the application's database queries. This could result in unauthorized data access, data modification or deletion, and in some cases, executing administrative operations on the database.
To reproduce this vulnerability, send a POST request to the '/controller/api/Room.php' endpoint with the 'hotelId' parameter. The injected SQL payload can be crafted to manipulate the database query execution, exploiting the lack of input sanitization.
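As an added illustration (not code from the Hotels_Server repository, whose actual query is not reproduced here), the following shows the injection sink the advisory describes, a `hotelId` value spliced into SQL text, beside a parameterized form that closes it; the `rooms` table, its column names and the mysqli connection are assumptions.

```php
<?php
// Added example, not the Hotels_Server code. Table and column names are assumed.

// VULNERABLE PATTERN: the raw POST value is concatenated into the statement text,
// so the database cannot tell the intended integer apart from attacker-supplied SQL.
function findRoomsVulnerable(mysqli $db, array $post)
{
    $hotelId = $post['hotelId'] ?? '';
    $sql = "SELECT * FROM rooms WHERE hotelId = '" . $hotelId . "'";
    return $db->query($sql);
}

// HARDENED PATTERN: validate the type first, then bind the value as a parameter so it
// reaches the server as data, never as part of the SQL grammar.
function findRoomsSafe(mysqli $db, array $post): array
{
    $hotelId = filter_var(
        $post['hotelId'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($hotelId === false) {
        // Reject anything that is not a positive integer before touching the database.
        http_response_code(400);
        return [];
    }
    $stmt = $db->prepare('SELECT id, name, price FROM rooms WHERE hotelId = ?');
    $stmt->bind_param('i', $hotelId);
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}
```

For detection, a POST to `/controller/api/Room.php` whose `hotelId` is anything other than a short integer is a useful signal in web server or WAF logs, since the legitimate parameter has no reason to contain quotes, spaces or SQL keywords.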