SVX Portal SQL Injection Vulnerability in Update Settings Admin Page

A SQL injection vulnerability has been identified in SVX Portal version 2.7A. The issue arises in the admin/update_setings.php file, where user-supplied POST data is improperly sanitized before being incorporated into SQL queries. This vulnerability allows authenticated users with admin privileges to manipulate application settings and potentially exploit the database further.

Impact

Exploitation of this vulnerability allows for unauthorized modification of application-wide configuration settings, which can lead to persistent misconfigurations and disruption of application functionality. Additionally, if the database user has weak permissions or if other injection vectors are available, this vulnerability could be leveraged for data extraction, causing a denial of service, or further compromising the application.

Reproduction

To reproduce this vulnerability, authenticate as a user with admin privileges and access the admin/update_setings.php page. Intercept or craft an HTTP POST request to this endpoint, including a malicious POST key or value that exploits the SQL injection vulnerability. Send the request and observe the changes in the Settings table or any unexpected SQL-related errors in the application logs.