PHPGurukul Student Record System SQL Injection Vulnerability in Register.php

A critical SQL injection vulnerability has been identified in PHPGurukul Student Record System version 3.2. The issue resides in the register.php file, where the session parameter is manipulated, allowing attackers to inject malicious SQL code. This vulnerability can be exploited remotely, with the injected SQL code executed without proper input validation or sanitization.

Impact

Exploitation of this vulnerability allows attackers to gain unauthorized access to the application's database, potentially leading to data manipulation, unauthorized data access, and in some cases, full system control.

Reproduction

To reproduce this vulnerability, send a POST request to the register.php file with the session parameter included. The parameter should be crafted to include a SQL injection payload, such as a time-based blind injection that uses the RLIKE operator to test for SQL injection vulnerabilities.

Remediation

It is recommended to use prepared statements and parameter binding to prevent SQL injection vulnerabilities. Additionally, input validation and filtering should be implemented to ensure that user input conforms to expected formats, blocking malicious data. Finally, database user permissions should be minimized, ensuring that the account used to connect to the database has only the necessary privileges.