AbhishekMali21 GYM Management System SQL Injection Vulnerability

Multiple SQL injection vulnerabilities have been identified in AbhishekMali21 GYM-MANAGEMENT-SYSTEM version 1.0. These vulnerabilities arise in the search and payment modules, allowing unauthenticated remote attackers to inject malicious SQL commands. The affected files are member_search.php, trainer_search.php, gym_search.php, and payment_search.php. Exploitation of these vulnerabilities could lead to unauthorized data extraction, authentication bypass, or modification of database contents.

Impact

Exploitation of these vulnerabilities allows for SQL injection, enabling attackers to manipulate database queries. This could result in unauthorized data access, data modification, or extraction of sensitive information from the database.

Reproduction

To reproduce this vulnerability, navigate to one of the affected search pages (member_search.php, trainer_search.php, or gym_search.php). Use a proxy tool like Burp Suite to intercept the request and inject a payload such as ' OR 1=1 -- - into the 'name' parameter. The server will respond with all database records, demonstrating the successful injection. For the payment_search.php vulnerability, inject a similar payload into the 'id' parameter.

Remediation

It is recommended to use prepared statements with mysqli_prepare to prevent SQL injection attacks by properly sanitizing user input before executing database queries.