PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability in Forgot Password Feature

Vulnerability

A critical SQL injection vulnerability has been identified in the PHPGurukul Vehicle Parking Management System version 1.13. The issue resides in the 'forgot-password.php' file within the 'users' directory. The 'email' parameter is processed without adequate input validation or sanitization, so an attacker who manipulates it can inject malicious SQL code. The issue can be exploited remotely and requires no authentication.

Impact

Exploitation of this vulnerability allows attackers to inject and execute arbitrary SQL commands, potentially leading to unauthorized data access, data manipulation, or execution of administrative operations on the database.

Reproduction

The vulnerability can be reproduced by sending a POST request to '/vpms/users/forgot-password.php' with an 'email' parameter that includes a crafted SQL payload. The payload exploits the application's SQL query handling, for example through time-based blind SQL injection techniques.

Remediation

It is recommended to validate and sanitize user inputs, particularly in the 'email' parameter of the 'forgot-password.php' file. Implementing prepared statements for database queries can also help mitigate SQL injection risks.
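
The remediation above, sketched as an added example (this is not PHPGurukul's code): the email value is validated and then bound as a query parameter instead of being concatenated into the SQL string. The "users" table, the function names and the in-memory SQLite database are assumptions made so the example runs offline; the real schema is not shown on this page.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the application's database: an in-memory SQLite
// table named "users" (hypothetical; the real schema is not on the page).
function demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE)');
    $pdo->exec("INSERT INTO users (email) VALUES ('alice@example.test')");
    return $pdo;
}

// Returns the matching user id, or null. Validation narrows the input, but a
// well-formed address can still contain a quote character, so the parameter
// binding is what keeps the value from being parsed as SQL.
function find_user_for_reset(PDO $pdo, mixed $email): ?int
{
    if (!is_string($email) || strlen($email) > 254) {
        return null;
    }
    $email = filter_var(trim($email), FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        return null;
    }
    $stmt = $pdo->prepare('SELECT id FROM users WHERE email = :email LIMIT 1');
    $stmt->execute([':email' => $email]);
    $id = $stmt->fetchColumn();
    return $id === false ? null : (int) $id;
}

// Handler sketch: the response is identical whether or not the address
// exists, so the form does not reveal which emails are registered.
function handle_forgot_password(PDO $pdo, array $post): string
{
    $userId = find_user_for_reset($pdo, $post['email'] ?? null);
    if ($userId !== null) {
        // Issue a reset token for $userId here (out of scope for this example).
    }
    return 'If the address is registered, a reset message has been sent.';
}

$pdo = demo_db();
var_dump(find_user_for_reset($pdo, 'alice@example.test'));             // registered address
var_dump(find_user_for_reset($pdo, "o'brien@example.test"));           // address containing a quote character
var_dump(find_user_for_reset($pdo, "nobody@example.test' OR '1'='1")); // constructed input with SQL metacharacters
var_dump(handle_forgot_password($pdo, ['email' => ['not', 'a', 'string']]));
```

When the same pattern is used with PDO's MySQL driver, setting PDO::ATTR_EMULATE_PREPARES to false makes the driver use server-side prepared statements rather than client-side emulation.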

Added: Jul 12, 2025, 6:22 PM
Updated: Jul 12, 2025, 6:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.8
impact: 5.0
exploitability: 9.5
remediation: 0.0
relevance: 0.3
threat: 6.4
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.