SourceCodester Doctor's Appointment System SQL Injection Vulnerability in Delete Doctor PHP File
Vulnerability
A critical SQL injection vulnerability has been identified in SourceCodester Doctor's Appointment System version 1.0. The issue arises in the 'admin/delete-doctor.php' file, where the 'id' parameter is improperly sanitized, allowing attackers to inject malicious SQL code. This vulnerability can be exploited remotely without authentication, potentially leading to unauthorized database access, data manipulation, and disruption of service.
Impact
Exploitation of this vulnerability allows for unauthorized access to the database, manipulation or deletion of data, and access to sensitive information. Such actions pose a significant threat to the overall security of the system and its data integrity.
Reproduction
The vulnerability can be reproduced by sending a GET request to 'admin/delete-doctor.php' with an injected SQL payload in the 'id' parameter. The injection can be verified by using a payload that, for example, includes 'sleep(3)' to test for time-based SQL injection.
Remediation
It is recommended to use prepared statements and parameter binding to prevent SQL injection, validate and filter user input, minimize database user permissions, and conduct regular security audits.
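The remediation above, shown as an added PHP illustration that is not SourceCodester's code (the real contents of admin/delete-doctor.php are not reproduced on this page): the query-building pattern that produces this class of flaw beside a hardened version. The mysqli connection $conn, the table name 'doctors' and the session key are assumptions.

```php
<?php
// Added illustrative example, not the project's own code. $conn (a mysqli
// connection), the 'doctors' table and the $_SESSION['admin_id'] key are assumed.

// --- Pattern that produces the flaw: untrusted 'id' concatenated into SQL text ---
// Whatever is supplied in ?id= becomes part of the statement the database parses,
// so a value that includes an expression such as sleep(3) changes query timing,
// which is the time-based check the advisory describes.
function deleteDoctorVulnerable(mysqli $conn, array $get): bool
{
    $id  = $get['id'];                                   // no type check, no binding
    $sql = "DELETE FROM doctors WHERE id = " . $id;      // string concatenation
    return (bool) $conn->query($sql);
}

// --- Hardened version: authenticate, validate the type, then bind the parameter ---
// The value travels separately from the query text, so it is never parsed as SQL.
function deleteDoctorSafe(mysqli $conn, array $get): bool
{
    // 1. The advisory notes the endpoint is reachable without authentication;
    //    an admin delete action must be gated on an admin session (key assumed).
    if (empty($_SESSION['admin_id'])) {
        http_response_code(403);
        return false;
    }

    // 2. Input validation: the id must be a positive integer, nothing else.
    $id = filter_var($get['id'] ?? '', FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        http_response_code(400);
        return false;
    }

    // 3. Prepared statement with parameter binding ('i' = integer type).
    $stmt = $conn->prepare('DELETE FROM doctors WHERE id = ?');
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param('i', $id);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}
```

The database account used by $conn should additionally be limited to the tables and statements the application needs, as the remediation's "minimize database user permissions" point recommends.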
