SourceCodester Gym Management System SQL Injection Vulnerability in Signup.php

A critical SQL injection vulnerability has been identified in the SourceCodester Gym Management System version 1.0, specifically within the signup.php file. The issue arises from inadequate validation of user input in the 'user_name' parameter, allowing attackers to inject malicious SQL queries. This vulnerability can be exploited remotely, without any authentication, potentially leading to unauthorized database access, data manipulation, and leakage of sensitive information.

Impact

Exploitation of this vulnerability allows for time-based blind SQL injection, where an attacker can execute arbitrary SQL commands and potentially access, modify, or delete database information.

Reproduction

To reproduce this vulnerability, send a POST request to the signup.php file with the 'user_name' parameter. Inject a crafted SQL payload that exploits the application's SQL query handling, such as using a time-based blind injection technique that leverages the SQL SLEEP function to create a delay, indicating successful exploitation.

Remediation

It is recommended to use prepared statements and parameter binding to prevent SQL injection, validate and filter user input, minimize database user permissions, and conduct regular security audits.