SourceCodester Simple To-Do List System SQL Injection Vulnerability

A critical SQL injection vulnerability has been identified in SourceCodester Simple To-Do List System version 1.0. The issue arises in the file complete_task.php, where user input is not properly sanitized before being used in SQL queries. This flaw allows remote attackers to manipulate the ID parameter, potentially leading to unauthorized database access or modification. Exploitation of this vulnerability could result in the attacker gaining access to sensitive data or, in databases with DBA privileges, even escalating to server host privileges.

Impact

Exploitation of this vulnerability allows attackers to execute arbitrary SQL commands, potentially leading to unauthorized data access, data manipulation, or in cases where the database user has elevated privileges, executing commands on the server.

Reproduction

To reproduce this vulnerability, send a request to complete_task.php with a crafted ID parameter that includes SQL injection payloads. The injection can be tested using SQLMap, a popular SQL injection and database takeover tool.