Code-Projects Online Music Site SQL Injection Vulnerability in AdminUpdateCategory.php

A SQL injection vulnerability exists in version 1.0 of Code-Projects Online Music Site, specifically within the AdminUpdateCategory.php file. The issue arises because the application improperly sanitizes the 'txtcat' parameter in multipart form data, allowing attackers to inject malicious SQL code. This vulnerability can be exploited remotely, without any authentication.

Impact

Exploitation of this vulnerability allows attackers to manipulate SQL queries, potentially leading to unauthorized data access, data modification, and in some cases, executing administrative operations on the database. Such actions could disrupt the application's normal functioning and compromise the integrity of the stored data.

Reproduction

To reproduce this vulnerability, send a POST request to the AdminUpdateCategory.php file located in the Administrator/PHP directory. Include the 'txtcat' parameter in the multipart form data, injecting a crafted SQL payload that exploits the application's SQL query handling. The request can be made using tools like Burp Suite or Postman, or through a simple HTML form that uploads a file as part of the request.

Remediation

It is recommended to use prepared statements and parameterized queries to prevent SQL injection. Additionally, input validation and sanitization should be implemented to ensure that user inputs do not contain malicious data. Finally, database user permissions should be restricted to the minimum necessary for application functionality.