Slims
cpe:2.3:a:slims_project:slims:*:*:*:*:*:*:*
- 9.6.1
A SQL injection vulnerability has been identified in Slims (Senayan Library Management Systems) version 9 Bulian 9.6.1. The issue resides in the admin/modules/master_file/item_status.php file, where user inputs are inadequately sanitized before being incorporated into SQL queries. This flaw allows attackers to manipulate the query logic by injecting malicious SQL payloads.
The flaw is exploitable as time-based blind SQL injection: an attacker can execute arbitrary SQL commands and potentially read or modify database contents.
To reproduce this vulnerability, intercept a request to admin/modules/master_file/item_status.php, inject a time-based SQL payload into the 'fld' parameter, and observe the delay in the application's response as an indication of successful injection. The issue can also be reproduced with the SQL injection testing tool sqlmap.
To address this vulnerability, it is recommended to use prepared statements or parameterized queries for SQL operations, ensuring that user inputs are properly validated and sanitized before being included in database queries.
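As an added illustration of that remediation (example code written for this page, not SLiMS's own source), the PHP below contrasts a hypothetical string-built query with a hardened handler. It assumes a mysqli connection, a `mst_item_status` table with `item_status_id` and `item_status_name` columns, and that `fld` names the column to search while a `keywords` parameter carries the value; these are assumptions about the endpoint, not facts stated in the advisory.

```php
<?php
// Added example, not SLiMS code. Assumes a mysqli connection in $db and that the
// request carries 'fld' (column to filter on) and 'keywords' (search value).
// Table and column names are assumed for illustration.

// VULNERABLE PATTERN (hypothetical): request data concatenated into the SQL text.
// Whatever arrives in 'fld' becomes part of the query structure, which is the
// class of defect the advisory describes.
function find_item_status_unsafe(mysqli $db, array $get)
{
    $fld = $get['fld'] ?? 'item_status_name';
    $kw  = $get['keywords'] ?? '';
    $sql = "SELECT item_status_id, item_status_name FROM mst_item_status "
         . "WHERE $fld LIKE '%$kw%'";
    return $db->query($sql);
}

// HARDENED: a column name cannot be bound as a parameter, so it is checked
// against a fixed allowlist; the search value is passed through a placeholder.
const ITEM_STATUS_SEARCH_COLUMNS = ['item_status_id', 'item_status_name'];

function find_item_status_safe(mysqli $db, array $get): mysqli_result
{
    $fld = $get['fld'] ?? 'item_status_name';
    if (!in_array($fld, ITEM_STATUS_SEARCH_COLUMNS, true)) {
        // Reject instead of "cleaning": anything outside the allowlist is an error.
        throw new InvalidArgumentException('unknown search column');
    }
    $kw = (string) ($get['keywords'] ?? '');

    // $fld is now one of our own literals, so interpolating it is safe.
    $stmt = $db->prepare(
        "SELECT item_status_id, item_status_name FROM mst_item_status WHERE `$fld` LIKE ?"
    );
    // LIKE wildcards belong in the bound value, never in the SQL text.
    $pattern = '%' . $kw . '%';
    $stmt->bind_param('s', $pattern);
    $stmt->execute();
    return $stmt->get_result();
}
```

The allowlist step matters because "parameterized queries" alone do not cover identifiers such as column names; any value that selects a column or table must be matched against a fixed set of known names.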