Codezips Gym Management System SQL Injection Vulnerability in Dashboard Admin Over Month PHP File

A critical SQL injection vulnerability has been identified in Codezips Gym Management System version 1.0. The issue arises in the dashboard/admin/over_month.php file, specifically within the mm parameter. This vulnerability allows attackers to inject arbitrary SQL code by manipulating the parameter, bypassing input validation. The exploitation can lead to unauthorized access to the database, data manipulation, and potentially a full system compromise.

Impact

Exploitation of this vulnerability could result in a database compromise, allowing attackers to read, modify, or delete data. There is also a risk of data leakage, exposing sensitive customer or payment information. Additionally, malicious SQL queries could degrade application performance or cause crashes, and there is a potential for privilege escalation, leading to a broader system takeover.

Reproduction

To reproduce this vulnerability, send a request to the dashboard/admin/over_month.php file with a crafted mm parameter that includes malicious SQL code. The injection can be performed remotely, and the vulnerability may be discovered using Google Hacking techniques.

Remediation

It is recommended to use prepared statements or parameter binding to separate SQL logic from user-supplied data, preventing code injection. The vulnerability advisory suggests replacing the affected product with an alternative.