SourceCodester Advanced Web Store SQL Injection Vulnerability in Admin Panel

Vulnerability

A critical SQL injection vulnerability has been identified in SourceCodester Advanced Web Store version 1.0. The issue resides in /admin/index.php, where the txtLogin parameter can be manipulated to inject malicious SQL queries. The vulnerability can be exploited remotely, allowing attackers to gain unauthorized access to the database, leak sensitive information, alter or delete data, and potentially disrupt services.

Impact

Exploitation of this vulnerability allows for unauthorized database access, manipulation of database contents, leakage of sensitive information, and could lead to a complete compromise of the underlying system.

Reproduction

The vulnerability can be reproduced by sending a POST request to /admin/index.php with a crafted txtLogin parameter. Various payloads can be used to exploit the SQL injection, including boolean-based blind, error-based, and time-based blind injection techniques. The injection is possible because the txtLogin parameter is used directly in SQL queries without input validation, allowing the execution of arbitrary SQL commands.

Remediation

To address this vulnerability, it is recommended to use prepared statements with parameter binding so that SQL code is kept separate from user input, to validate and filter user input so that it matches the expected format, to minimize the permissions of the database user, and to conduct regular security audits.
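The following is an added example, not code from the Advanced Web Store itself: a reconstruction of the pattern the advisory describes (the txtLogin value concatenated into the query) beside the prepared-statement form it recommends. The table and column names, the txtPassword parameter and the connection details are assumptions.

```php
<?php
// Added example (not the project's own code). The admin table, its columns,
// the txtPassword parameter and the DSN/credentials are assumed for illustration.

// BEFORE: the request parameter is concatenated into the SQL string, so whatever
// arrives in txtLogin becomes part of the statement. This is the defect class
// the advisory describes; it is shown only as the "before" of the fix.
function login_vulnerable(mysqli $db, array $post): ?array
{
    $user = $post['txtLogin'] ?? '';
    $pass = $post['txtPassword'] ?? '';
    $sql  = "SELECT id, username FROM admin "
          . "WHERE username = '$user' AND password = '$pass' LIMIT 1";
    $res  = $db->query($sql);
    return $res ? ($res->fetch_assoc() ?: null) : null;
}

// AFTER: prepared statement with a bound parameter. The SQL text is fixed at
// prepare() time; the value travels separately and cannot change its structure.
// The password is checked with password_verify() against a stored hash.
function login_hardened(PDO $db, array $post): ?array
{
    $user = trim((string)($post['txtLogin'] ?? ''));
    $pass = (string)($post['txtPassword'] ?? '');
    // Input validation on top of binding: reject anything outside the expected
    // username format before it reaches the database at all.
    if (!preg_match('/^[A-Za-z0-9_.@-]{1,64}$/', $user) || $pass === '') {
        return null;
    }
    $stmt = $db->prepare(
        'SELECT id, username, password_hash FROM admin WHERE username = :u LIMIT 1'
    );
    $stmt->bindValue(':u', $user, PDO::PARAM_STR);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($pass, $row['password_hash'])) {
        return null; // identical response for unknown user and wrong password
    }
    unset($row['password_hash']);
    return $row;
}

// Connection hardening: turn off emulated prepares so the server parses the
// statement, and use a database account limited to what the admin panel needs.
$db = new PDO('mysql:host=localhost;dbname=webstore;charset=utf8mb4', 'store_app', 'secret', [
    PDO::ATTR_EMULATE_PREPARES => false,
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
]);
$admin = login_hardened($db, $_POST);
```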

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 8.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.