PHPGurukul Local Services Search Engine Management System
cpe:2.3:a:phpgurukul:local_services_search_engine_management_system:*:*:*:*:*:*:*
- 2.1
This vulnerability is being actively exploited in the wild.
A critical SQL injection vulnerability has been identified in PHPGurukul Local Services Search Engine Management System version 2.1. The issue resides in the file '/admin/edit-person-detail.php' when the 'editid' parameter is manipulated. This vulnerability allows remote attackers to inject malicious SQL queries, potentially leading to unauthorized database access, data modification or deletion, and exposure of sensitive information. The vulnerability arises from inadequate input validation of the 'editid' parameter, enabling attackers to craft inputs that manipulate SQL queries executed by the application.
Exploitation of this vulnerability allows attackers to execute arbitrary SQL commands, bypassing authentication and authorization. This could lead to unauthorized data access, modification or deletion, and, in some cases, execution of commands on the server with the database user's privileges.
To reproduce this vulnerability, send a POST request to '/admin/edit-person-detail.php' with the 'editid' parameter set to '2' and a time-based blind SQL injection payload, such as one that uses the SQL 'SLEEP' function to introduce a delay. A delayed response indicates successful injection.
It is recommended to implement prepared statements and parameter binding to prevent SQL injection. Additionally, input validation and filtering should be applied to ensure that user inputs conform to expected formats. Minimizing database user permissions can also help reduce the impact of potential exploits.
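The recommended fix, sketched as an added example (this is not the application's own code): 'editid' is validated as a positive integer and then bound as a typed parameter in a prepared statement. The table and column names (tblperson, ID, Name) and the helper function names are hypothetical, and an in-memory SQLite database stands in for the application's database so the script runs offline.

```php
<?php
declare(strict_types=1);

// Added example: tblperson, ID and Name are hypothetical names, and an
// in-memory SQLite database stands in for the application's real backend.

/** Accept only a positive integer id; return null for anything else. */
function parseEditId(mixed $raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Look up one record with a bound parameter, never string concatenation. */
function findPerson(PDO $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT ID, Name FROM tblperson WHERE ID = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// With the MySQL driver, also disable emulated prepares so binding is server-side:
// $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$db->exec('CREATE TABLE tblperson (ID INTEGER PRIMARY KEY, Name TEXT)');
$db->exec("INSERT INTO tblperson (ID, Name) VALUES (1, 'Alice'), (2, 'Bob')");

// Constructed sample values for the editid parameter.
$samples = ['2', '2 AND SLEEP(5)', '', '-1', ['2']];
foreach ($samples as $raw) {
    $id = parseEditId($raw);
    if ($id === null) {
        // Rejected before any query is built; the page would answer HTTP 400 here.
        echo 'rejected: ', json_encode($raw), PHP_EOL;
        continue;
    }
    $row = findPerson($db, $id);
    echo 'editid ', $id, ' -> ', $row === null ? 'not found' : $row['Name'], PHP_EOL;
}
```

Only the first sample reaches the database; the others, including the array form that PHP accepts for request parameters, fail validation before a statement is prepared.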