PHPGurukul Online Course Registration System SQL Injection Vulnerability

A critical SQL injection vulnerability exists in PHPGurukul Online Course Registration System versions through 3.1. The issue is located in the file /enroll.php, where multiple POST parameters are concatenated into an SQL query without proper sanitization. This vulnerability allows authenticated attackers to inject malicious SQL commands, potentially leading to unauthorized data access or database manipulation.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can interfere with the application's database queries. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.

Reproduction

To reproduce this vulnerability, log in as a student and complete the pincode verification. Then, navigate to the enrollment form and intercept the POST request. Inject an SQL payload into the 'department' parameter, such as a crafted string that exploits the SQL query construction. After modifying the request with the SQL injection payload, send it to the server. The injected SQL command will be executed by the database, demonstrating the vulnerability.