phpGurukul Complaint Management System SQL Injection Vulnerability in complaint-details.php

Vulnerability

A SQL injection vulnerability exists in phpGurukul Complaint Management System version 2.0, specifically in the complaint-details.php file. The issue arises from inadequate input validation of the 'cid' parameter, allowing attackers to manipulate SQL queries and potentially exfiltrate database information. This vulnerability requires user authentication to exploit.

Impact

Exploiting this vulnerability lets an attacker execute arbitrary SQL commands. This could lead to unauthorized data access, data manipulation, or, in some cases, command execution on the server under the database application's privileges.

Reproduction

To reproduce this vulnerability, log in as a user and navigate to the complaint history page. Click 'View Details' to open the complaint details page. Capture the request using Burp Suite and inject a time-delay payload into the 'cid' parameter. Because the parameter is not validated, the application executes the injected SQL.

Remediation

To address this vulnerability, use prepared statements with parameterized queries to prevent direct embedding of user input into SQL queries. Additionally, validate and sanitize user input, particularly for parameters expected to be numeric.
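The remediation above as an added example, not code from phpGurukul or from this advisory: a `cid` value is validated as a positive integer and then bound to a prepared statement. The table, column and function names are hypothetical, the rows and inputs are constructed, and an in-memory SQLite database stands in for the application's database so the script runs offline.

```php
<?php
declare(strict_types=1);

// Vulnerable pattern, shown for contrast only (hypothetical query):
//   $sql = "SELECT id, title FROM complaints WHERE id = '" . $_GET['cid'] . "'";

/** Return cid as a positive integer, or null if it is anything else. */
function parseCid(mixed $raw): ?int
{
    if (!is_string($raw)) {
        return null; // rejects array input such as ?cid[]=1
    }
    $cid = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $cid === false ? null : $cid;
}

/** Fetch one complaint with a bound parameter; the SQL text never changes. */
function findComplaint(PDO $db, int $cid): ?array
{
    $stmt = $db->prepare('SELECT id, title FROM complaints WHERE id = :cid');
    $stmt->bindValue(':cid', $cid, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed demo data (hypothetical schema, not the application's own).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE complaints (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO complaints (id, title) VALUES (1, 'Billing error'), (2, 'Late delivery')");

// Constructed inputs: a valid id, a non-numeric value, and an unknown id.
foreach (['2', '1 OR 1=1', '999'] as $raw) {
    $cid = parseCid($raw);
    if ($cid === null) {
        // A real handler would answer HTTP 400 here and never touch the database.
        echo 'cid=' . var_export($raw, true) . " rejected\n";
        continue;
    }
    $row = findComplaint($db, $cid);
    echo "cid=$cid -> " . ($row === null ? 'not found' : $row['title']) . "\n";
}
```

When the same pattern is used with MySQL through PDO, setting `PDO::ATTR_EMULATE_PREPARES` to `false` makes the driver use server-side prepared statements.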

Added: Sep 3, 2025, 3:18 PM
Updated: Sep 3, 2025, 3:18 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 2.5
exploitability: 6.2
remediation: 0.0
relevance: 0.5
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.