PHPGurukul Online Birth Certificate System SQL Injection Vulnerability

A critical SQL injection vulnerability has been identified in PHPGurukul Online Birth Certificate System version 2.0. The issue resides in the '/admin/users-applications.php' file, where the 'userid' parameter is manipulated to inject malicious SQL code. This unsanitized input is directly used in SQL queries, allowing attackers to access and manipulate the database without authorization. The vulnerability can be exploited remotely, posing a significant risk to data integrity and system security.

Impact

Exploitation of this vulnerability allows unauthorized database access, manipulation or deletion of data, leakage of sensitive information, and potentially full control over the system, disrupting normal services.

Reproduction

The vulnerability can be reproduced by sending a GET request to the '/admin/users-applications.php' endpoint with a crafted 'userid' parameter. The injected SQL payload can exploit the application by bypassing authentication or accessing unauthorized data. This SQL injection can be performed using boolean-based blind, time-based blind, or UNION-based injection techniques, taking advantage of the application's failure to properly validate user input.

Remediation

To address this vulnerability, developers should implement prepared statements and parameter binding to separate SQL code from user input, conduct thorough input validation and filtering, and minimize database user permissions to the least required for operations.