PHPGurukul Directory Management System SQL Injection Vulnerability in edit-directory.php

A critical SQL injection vulnerability has been identified in PHPGurukul Directory Management System version 2.0. The issue resides in the file /admin/edit-directory.php, where the 'editid' parameter is manipulated, leading to unauthorized database access. This vulnerability allows attackers to inject malicious SQL queries, bypassing authentication requirements. Exploitation of this flaw could result in data modification, deletion, or leakage of sensitive information.

Impact

Exploitation of this vulnerability allows for SQL injection, enabling attackers to manipulate database queries. This could lead to unauthorized data access, modification or deletion of database records, and in some cases, execution of administrative operations on the database.

Reproduction

The vulnerability can be reproduced by sending a GET request to the /admin/edit-directory.php file with a crafted 'editid' parameter. The injected SQL payload can exploit the application's SQL query handling, demonstrating the SQL injection vulnerability.

Remediation

It is recommended to implement input validation and sanitization for the 'editid' parameter to prevent SQL injection. Additionally, using prepared statements with parameterized queries can help mitigate this vulnerability.