PHPGurukul Online Banquet Booking System SQL Injection Vulnerability

A SQL injection vulnerability has been identified in PHPGurukul Online Banquet Booking System version 1.0. The issue resides in the '/admin/view-user-queries.php' file, specifically within the 'viewid' parameter. This vulnerability allows attackers to inject arbitrary SQL code, potentially leading to unauthorized database access and manipulation. The flaw arises from inadequate input sanitization, with user input being directly incorporated into SQL queries without proper binding or escaping. Notably, this vulnerability can be exploited remotely and does not require authentication.

Impact

Exploitation of this vulnerability allows for unauthorized access to the database, extraction, tampering, or deletion of data, and could lead to a full system compromise. Additionally, the vulnerability could be used to cause a denial-of-service by manipulating database operations.

Reproduction

The vulnerability can be reproduced by sending a GET request to '/obbs/admin/view-user-queries.php' with the 'viewid' parameter. The injected SQL payload can exploit the vulnerability by, for example, appending 'OR 1--' to the 'viewid' parameter, which would bypass certain SQL query conditions and potentially expose database information.

Remediation

It is recommended to use prepared statements for SQL queries to prevent injection vulnerabilities. Input validation should be implemented to sanitize user input, and database privileges should be limited to avoid using high-privilege users in application logic.