Slims SQL Injection Vulnerability in coll_type.php

Vulnerability

A SQL injection vulnerability has been identified in Slims (Senayan Library Management Systems) version 9 Bulian V9.6.1. The issue resides in the admin/modules/master_file/coll_type.php file, where user inputs are inadequately sanitized before being incorporated into SQL queries. This flaw allows attackers to inject malicious SQL payloads, potentially manipulating the application's database operations.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can interfere with the application's database queries. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.

Reproduction

To reproduce this vulnerability, intercept a request to admin/modules/master_file/coll_type.php. Inject SQL payloads into the fld parameter, such as a union-based injection or a time-based blind SQL injection payload. The application response should confirm the execution of the injected SQL, indicating the vulnerability is present.

Remediation

To address this vulnerability, use prepared statements or parameterized queries for all SQL operations so that user-supplied values are bound as data rather than concatenated into the query text, and validate user inputs (for example, checking a user-selected column name against an allow-list) before they are included in database queries.
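The following PHP snippet is an added illustration of the remediation described above; it is not code from the SLiMS project or from this advisory. It contrasts a query that concatenates request parameters directly (the pattern that makes injection possible) with a version that uses a mysqli prepared statement. The table name mst_coll_type, the column names, and the assumption that the fld parameter names a column to search are all assumptions made for the example.

```php
<?php
// Added example, not SLiMS project code. Assumes an open mysqli connection
// and a table `mst_coll_type` with columns coll_type_id and coll_type_name
// (names assumed for illustration).
declare(strict_types=1);

/**
 * Vulnerable pattern: both the column name and the search value are pasted
 * straight into the SQL string, so any quote or SQL syntax in the request
 * becomes part of the query. Shown only to contrast with the fixed version.
 */
function findCollTypeVulnerable(mysqli $db, string $fld, string $keyword): mysqli_result|false
{
    $sql = "SELECT coll_type_id, coll_type_name FROM mst_coll_type "
         . "WHERE $fld LIKE '%$keyword%'";
    return $db->query($sql);
}

/**
 * Hardened pattern: a column name cannot be bound as a parameter, so it is
 * checked against a fixed allow-list; the search value is bound through a
 * prepared statement and is therefore always treated as data, never as SQL.
 */
function findCollTypeSafe(mysqli $db, string $fld, string $keyword): array
{
    $allowedFields = ['coll_type_name', 'coll_type_id'];
    if (!in_array($fld, $allowedFields, true)) {
        throw new InvalidArgumentException('Unknown field: ' . $fld);
    }

    // The identifier is now one of our own constants, so it is safe to interpolate.
    $stmt = $db->prepare(
        "SELECT coll_type_id, coll_type_name FROM mst_coll_type WHERE `$fld` LIKE ?"
    );
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $db->error);
    }

    // Build the LIKE pattern in PHP and bind it as a single string parameter.
    $pattern = '%' . $keyword . '%';
    $stmt->bind_param('s', $pattern);
    $stmt->execute();

    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
    $stmt->close();
    return $rows;
}

// Hypothetical usage from a request handler (credentials are placeholders):
// $db = new mysqli('localhost', 'DB_USER', 'DB_PASSWORD', 'DB_NAME');
// $rows = findCollTypeSafe($db, $_GET['fld'] ?? 'coll_type_name', $_GET['keywords'] ?? '');
```

The allow-list step matters because prepared statements only protect values; a column name chosen by the user must still be validated separately. The example does not escape the LIKE wildcards `%` and `_` in the keyword, which affects matching but not injection.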

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread:          3.4
impact:          2.5
exploitability:  9.7
remediation:     0.0
relevance:       0.0
threat:          6.4
urgency:         2.9
incentive:      10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.