PuneethReddyHC Online Shopping System
cpe:2.3:a:puneethreddyhc:online_shopping_system_advanced:*:*:*:*:*:*:*
- 1.0
A SQL injection vulnerability has been identified in the login.php file of PuneethReddyHC Online Shopping System Advanced version 1.0. This vulnerability arises from inadequate sanitization of user input in the keyword POST parameter, allowing attackers to inject arbitrary SQL commands. Exploitation of this vulnerability could lead to unauthorized database access, manipulation of database contents, and potentially bypassing authentication mechanisms.
The flaw is exploitable as a time-based blind SQL injection, in which an attacker manipulates SQL query execution to extract or modify database information. This could also lead to unauthorized access to sensitive data, authentication bypass, and in some cases code execution, depending on the database management system configuration.
To reproduce this vulnerability, send a POST request to the login.php file with an injected SQL payload in the keyword parameter. The payload should include a time-based SQL injection technique, such as using the SLEEP function, to demonstrate the successful exploitation of the vulnerability.
To address this vulnerability, use parameterized queries and prepared statements to prevent SQL injection. Implement strict server-side input validation, enforce the principle of least privilege for the database account, and regularly patch and update the application and its dependencies.
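The remediation above, sketched in PHP as an added example (not the project's code): the `accounts` table, its rows, the function names and the 254-byte length limit are assumptions, and an in-memory SQLite database reached through PDO stands in for the application's database so the script runs offline.

```php
<?php
declare(strict_types=1);

// Constructed in-memory database so the example runs offline (needs pdo_sqlite).
// The accounts table and its rows are hypothetical, not the project's schema.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE accounts (id INTEGER PRIMARY KEY, email TEXT NOT NULL)');
$pdo->exec("INSERT INTO accounts (email) VALUES ('alice@example.test'), ('bob@example.test')");

// Pattern the advisory describes: request input concatenated into the SQL text,
// so quote characters in the input change the structure of the query.
function lookupConcatenated(PDO $pdo, string $keyword): array
{
    $sql = "SELECT id, email FROM accounts WHERE email = '" . $keyword . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Remediation: validate on the server, then bind the value as a parameter so
// the database only ever treats it as data.
function lookupPrepared(PDO $pdo, string $keyword): array
{
    if ($keyword === '' || strlen($keyword) > 254) {
        return [];   // reject out-of-range input before it reaches the database
    }
    $stmt = $pdo->prepare('SELECT id, email FROM accounts WHERE email = :email');
    $stmt->execute([':email' => $keyword]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed test inputs; in login.php the value would come from $_POST['keyword'].
$inputs = ['alice@example.test', "nobody' OR '1'='1"];
foreach ($inputs as $input) {
    printf(
        "%-22s concatenated=%d row(s)  prepared=%d row(s)\n",
        $input,
        count(lookupConcatenated($pdo, $input)),
        count(lookupPrepared($pdo, $input))
    );
}
```

The second input matches every row through the concatenated query and no row through the prepared statement, which is a convenient regression check to keep once the fix is in place.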