PHPGurukul Company Visitor Management System
cpe:2.3:a:phpgurukul:company_visitor_management_system:*:*:*:*:*:*:*
- 2.0
A critical SQL injection vulnerability has been identified in PHPGurukul Company Visitor Management System version 2.0. The issue resides in the Sign In component, in the file '/index.php'. Remote attackers can manipulate the 'username' parameter, leading to unauthorized access and the potential retrieval of sensitive information.
Exploitation of this vulnerability can bypass authentication, allowing unauthorized access to the application. Additionally, it enables attackers to execute arbitrary SQL commands, potentially leading to the manipulation or extraction of database information. In some cases, this vulnerability could be exploited to upload arbitrary files.
To reproduce this vulnerability, send a POST request to '/cvms/index.php' with a crafted SQL payload in the 'username' parameter and any value in the 'password' parameter. The 'username' value is not properly sanitized before being used in a database query, so SQL syntax injected into that field can bypass authentication or manipulate database information.
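The root cause described above, an unsanitized 'username' value reaching a database query, is closed by binding the value as a parameter. The following is an added example, not code from the CVMS project: the `admin_users` table, its columns, the `sign_in()` function and the 64-byte length limit are hypothetical, and an in-memory SQLite database stands in for the application's real database so the script runs offline.

```php
<?php
declare(strict_types=1);
// Added example with a hypothetical schema and names; not the CVMS source code.
// In-memory SQLite stands in for the application's database so this runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// If the driver is pdo_mysql, also set PDO::ATTR_EMULATE_PREPARES to false.
$pdo->exec('CREATE TABLE admin_users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password_hash TEXT)');

// Constructed sample account.
$seed = $pdo->prepare('INSERT INTO admin_users (username, password_hash) VALUES (?, ?)');
$seed->execute(['frontdesk', password_hash('correct horse battery', PASSWORD_DEFAULT)]);

// Returns the user id on success, null on any failure.
function sign_in(PDO $pdo, mixed $username, mixed $password): ?int
{
    // Reject non-string input (such as array-valued POST fields) and oversized names (assumed limit).
    if (!is_string($username) || !is_string($password) || strlen($username) > 64) {
        return null;
    }
    // The placeholder keeps the value out of the SQL text, so quotes and comments stay data.
    $stmt = $pdo->prepare('SELECT id, password_hash FROM admin_users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Verify against a dummy hash when no row matches, so timing does not reveal valid usernames.
    static $dummy = null;
    $dummy ??= password_hash('dummy', PASSWORD_DEFAULT);
    $ok = password_verify($password, $row['password_hash'] ?? $dummy);

    return ($row && $ok) ? (int) $row['id'] : null;
}

// Constructed inputs: valid login, wrong password, username containing SQL metacharacters.
$cases = [
    ['frontdesk', 'correct horse battery'],
    ['frontdesk', 'wrong'],
    ["front'desk\" -- ;", 'anything'],
];
foreach ($cases as [$u, $p]) {
    printf("%-22s => %s\n", json_encode($u), var_export(sign_in($pdo, $u, $p), true));
}
```

Only the first case returns a user id; the input containing quote and comment characters is looked up as a literal username and fails like any unknown account.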