PHPGurukul Directory Management System SQL Injection Vulnerability in Manage Directory File

A critical SQL injection vulnerability has been identified in PHPGurukul Directory Management System version 2.0. The issue resides in the file '/admin/manage-directory.php', where the 'del' parameter is manipulated to inject malicious SQL code. This unsanitized input is executed in SQL queries, allowing attackers to access and manipulate the database without authorization. The vulnerability can be exploited remotely, with public knowledge of the exploit available.

Impact

Exploitation of this vulnerability allows attackers to inject malicious SQL queries, potentially leading to unauthorized database access, data manipulation or deletion, and execution of administrative operations.

Reproduction

The vulnerability can be reproduced by sending a GET request to '/dms/admin/manage-directory.php' with the 'del' parameter. The request should include a payload that exploits the time-based blind SQL injection, such as using the 'RLIKE' operator to inject a 'SLEEP' command, which can be used to test the vulnerability by causing a delay in the response.

Remediation

It is recommended to update the PHPGurukul Directory Management System to a version that addresses this vulnerability. Users can check the PHPGurukul website for the latest version or contact their support for assistance.