phpgurukul Complaint Management System
cpe:2.3:a:phpgurukul:complaint_management_system:*:*:*:*:*:*:*
- 2.0
A SQL injection vulnerability exists in phpGurukul Complaint Management System version 2.0. The issue arises in the user/registration.php file, where multiple parameters, including fullname, email, and contactno, are not properly validated before being inserted into SQL queries. This lack of input validation allows unauthenticated users to manipulate these parameters, potentially leading to unauthorized database access and data exfiltration.
Exploitation of this vulnerability allows attackers to execute arbitrary SQL commands. This could result in unauthorized data access, data manipulation, or, in some cases, command execution on the server under the database application's privileges.
To reproduce this vulnerability, navigate to the user registration page. Capture the HTTP POST request using a tool like Burp Suite. Modify the fullname, email, and contactno parameters to include SQL payloads, such as a time-delay SQL injection payload. Send the modified request. The response will indicate successful registration, demonstrating that the SQL injection was exploited.
To address this vulnerability, implement input validation to sanitize user inputs by removing or escaping special characters and SQL keywords. Additionally, use prepared statements with parameterized queries to prevent direct injection of user input into SQL commands.
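The remediation above, sketched as an added example (not the project's own code): the three registration fields are validated and then bound as parameters instead of being concatenated into the query. The `users` table, its column names, and the helper functions `validateRegistration` and `registerUser` are hypothetical, and an in-memory SQLite database stands in for the application's database so the script runs offline.

```php
<?php
// Added example: hypothetical table/column names; in-memory SQLite stands in for the app's database.
declare(strict_types=1);

// Vulnerable pattern (illustrative only): request values concatenated into the SQL text.
//   $sql = "INSERT INTO users (fullName, ...) VALUES ('" . $_POST['fullname'] . "', ...)";

/** Validate the three registration fields; returns a list of error strings. */
function validateRegistration(array $in): array
{
    $errors = [];
    $name = trim((string)($in['fullname'] ?? ''));
    if ($name === '' || strlen($name) > 100) {
        $errors[] = 'fullname must be 1-100 characters';
    }
    if (filter_var((string)($in['email'] ?? ''), FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email is not a valid address';
    }
    // /D anchors $ at the very end so a trailing newline cannot slip through.
    if (preg_match('/^\+?[0-9]{7,15}$/D', (string)($in['contactno'] ?? '')) !== 1) {
        $errors[] = 'contactno must be 7-15 digits';
    }
    return $errors;
}

/** Insert with bound parameters: values travel separately from the SQL text. */
function registerUser(PDO $db, array $in): array
{
    $errors = validateRegistration($in);
    if ($errors !== []) {
        return $errors;
    }
    $stmt = $db->prepare('INSERT INTO users (fullName, userEmail, contactNo) VALUES (:n, :e, :c)');
    $stmt->execute([':n' => trim($in['fullname']), ':e' => $in['email'], ':c' => $in['contactno']]);
    return [];
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, fullName TEXT, userEmail TEXT, contactNo TEXT)');

// Constructed inputs: a legitimate name containing a quote, and a malformed contact number.
$ok  = registerUser($db, ['fullname' => "Siobhan O'Brien", 'email' => 'siobhan@example.com', 'contactno' => '+35312345678']);
$bad = registerUser($db, ['fullname' => 'Test User', 'email' => 'test@example.com', 'contactno' => "12345678'"]);

var_dump($ok, $bad);                                        // errors per attempt
echo $db->query('SELECT fullName FROM users')->fetchColumn(), PHP_EOL; // stored name, quote intact
```

The quote in the first name is stored as data because it is bound rather than interpolated, while the malformed contact number is rejected before any query runs. With MySQL the same pattern applies through `mysqli::prepare` and `mysqli_stmt::bind_param`.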