PHPGurukul Online Shopping Portal SQL Injection Vulnerability in Signup Functionality

A critical SQL injection vulnerability has been identified in PHPGurukul Online Shopping Portal Project version 2.0. The issue resides in the signup.php file, specifically within the emailid parameter. This vulnerability allows attackers to inject malicious SQL queries, potentially leading to unauthorized database access, data manipulation, and disclosure of sensitive information. The flaw arises from inadequate input validation, enabling exploitation without authentication.

Impact

Exploitation of this vulnerability allows for SQL injection, where attackers can manipulate database queries. This could result in unauthorized data access, data modification or deletion, and in some cases, executing administrative operations on the database. Such actions could lead to a complete compromise of the application and its data.

Reproduction

To reproduce this vulnerability, send a POST request to /shopping/signup.php with a crafted payload that includes a SQL injection in the emailid parameter. The injection can be time-based, using SQL commands that cause a delay in the response, indicating successful exploitation.

Remediation

It is recommended to implement prepared statements and parameter binding to prevent SQL injection. Additionally, input validation and filtering should be applied to ensure data conforms to expected formats. Minimizing database user permissions can also help reduce the impact of potential exploits.