SourceCodester Stock Management System SQL Injection Vulnerability in Login Authentication

A critical SQL injection vulnerability has been identified in the SourceCodester Stock Management System version 1.0. This issue resides in the login processing of the file '/classes/Login.php?f=login', where the 'username' parameter is not properly sanitized. This flaw allows attackers to inject SQL code, bypass authentication, and gain unauthorized access, potentially with administrative privileges.

Impact

Exploitation of this vulnerability allows for authentication bypass, enabling attackers to log in as any user, including administrators. This could lead to unauthorized access to sensitive data, privilege escalation, and full administrative control over the application, allowing manipulation or deletion of critical information.

Reproduction

To reproduce this vulnerability, access the login page at '/classes/Login.php?f=login'. In the 'username' field, enter a payload that exploits the SQL injection, such as 'admin' OR 1='1'. Fill in the password field with any value and submit the form. The injection takes advantage of the SQL query logic, bypassing authentication by creating a condition that is always true.