Harpia DiagSystem SQL Injection Vulnerability in atualatendimento_jpeg.php

A critical SQL injection vulnerability has been identified in Harpia DiagSystem version 12. The issue arises in the file /diagsystem/PACS/atualatendimento_jpeg.php, where the codexame parameter can be manipulated to execute arbitrary SQL queries. This vulnerability can be exploited remotely, potentially leading to unauthorized access to sensitive data and database manipulation.

Impact

Exploitation of this vulnerability allows for error-based, time-based, and UNION-based SQL injection, enabling attackers to execute arbitrary SQL commands, manipulate database queries, and extract sensitive information from the backend database.

Reproduction

The vulnerability can be reproduced by sending a request to the atualatendimento_jpeg.php endpoint with a crafted codexame parameter. The injection can be verified by using payloads that exploit the SQL injection, such as those that cause SQL errors or extract database information.

Remediation

It is recommended that the vendor implement prepared statements and parameterized queries, sanitize and validate user input, restrict database permissions, and conduct regular security testing.