Swatadru Exam Seating Arrangement SQL Injection Vulnerability in Student Login Component

Vulnerability

A SQL injection vulnerability has been identified in the Swatadru Exam Seating Arrangement application, specifically in the student.php file within the Student Login component. This vulnerability exists in all versions up to the latest tested release. The issue arises from unsanitized user input in the email parameter, which is concatenated directly into a SQL query string instead of being passed to a prepared statement as a bound parameter, allowing attackers to execute arbitrary SQL commands. The vulnerability can be exploited remotely, and an authentication bypass is possible.

Impact

Exploitation of this vulnerability allows for authentication bypass, enabling attackers to log in as any user, including administrators. Additionally, it permits unauthorized access to sensitive student and exam data, manipulation or deletion of database content, and potentially escalation to full server compromise, depending on the privileges of the database account the application uses.

Reproduction

To reproduce this vulnerability, send a POST request to the student.php login endpoint. Include a payload in the email parameter that contains a SQL injection, such as appending a SQL command to manipulate the query. The SQL injection can be confirmed by using a tool like SQLMap to automate the detection and exploitation process.

Remediation

It is recommended to use prepared statements to handle SQL queries, validate and sanitize user input, hash passwords before storage, and restrict database account privileges to the minimum necessary.
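The following is an added illustrative example, not code from the Swatadru project or from student.php. It contrasts the string-concatenation pattern the advisory describes with a prepared-statement login that also checks a stored password hash; the table and column names (students, email, password_hash) are assumptions.

```php
<?php
// Added illustrative example, not the Swatadru project's own code.
// Assumed schema: table `students` with columns id, email, password_hash.

// BEFORE: the pattern the advisory describes. The email value becomes part
// of the SQL text, so whoever controls it controls the query structure.
// Assumes the plaintext password is also compared inside the query.
function login_vulnerable(mysqli $db, string $email, string $password): ?array
{
    $sql = "SELECT id, email FROM students "
         . "WHERE email = '$email' AND password = '$password'";
    $result = $db->query($sql);
    return $result ? ($result->fetch_assoc() ?: null) : null;
}

// AFTER: the query text is fixed at prepare time and the email is bound as a
// parameter, so it can only ever be compared as data. The password is never
// sent to the database; it is verified against the stored hash in PHP.
function login_fixed(mysqli $db, string $email, string $password): ?array
{
    $stmt = $db->prepare(
        "SELECT id, email, password_hash FROM students WHERE email = ? LIMIT 1"
    );
    if ($stmt === false) {
        return null; // prepare failed; treat as login failure, do not fall back to query()
    }
    $stmt->bind_param("s", $email);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();

    if ($row === null || !password_verify($password, $row['password_hash'])) {
        return null;
    }
    unset($row['password_hash']);
    return $row;
}

// Registration-side counterpart: store a hash, never the plaintext password.
function create_student(mysqli $db, string $email, string $password): bool
{
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $db->prepare("INSERT INTO students (email, password_hash) VALUES (?, ?)");
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param("ss", $email, $hash);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}
```

The remaining remediation item, least privilege, is applied outside the code: the database account student.php connects with should be granted only SELECT (and INSERT where registration needs it) on the students table rather than full rights on the schema.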

Added: Aug 20, 2025, 6:18 PM
Updated: Aug 20, 2025, 6:18 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 8.7
remediation: 0.0
relevance: 0.4
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.