Code-Projects Simple Flight Ticket Booking System SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability exists in Code-Projects Simple Flight Ticket Booking System version 1.0, in the file Adminadd.php. The application does not sanitize or validate the GET parameters flightno, airplaneid, departure, dtime, arrival, atime, ec, ep, bc and bp before building SQL queries from them, so attacker-controlled input becomes part of the query text and can change what the query does, including reading or modifying data the request was never meant to touch. The file name indicates an administrative page; the advisory does not state whether reaching it requires an authenticated session, so check pre- versus post-authentication exposure in your own deployment.

Impact

An attacker who can reach Adminadd.php can inject SQL into the affected query and, depending on the database privileges of the application account, read, alter or delete data in the application's database or run other SQL statements, compromising the confidentiality and integrity of the stored data.

Reproduction

To reproduce this vulnerability, send a GET request to Adminadd.php with a SQL payload in the flightno parameter together with ordinary values for the other listed parameters; the remaining parameters are injectable in the same way. A payload that closes the string literal the value is placed in and appends further SQL (for example a subquery that reads another table, or a statement that modifies data) demonstrates the flaw.

Remediation

Use prepared statements with bound parameters (for example PDO or mysqli prepared statements in PHP) for every query that includes user-supplied data, so that values are never concatenated into the SQL text. In addition, validate each parameter against an allow-list of expected formats before use (for example, dtime and atime as HH:MM, and ec, ep, bc and bp as non-negative integers), and reject requests that do not conform. Validation is a second layer of defense; parameter binding is the control that actually prevents the injection.
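The following is an added example, not code from the Code-Projects project, illustrating both the reproduction pattern above and the remediation: a concatenated INSERT over the ten parameters the advisory names, beside the same insert done with bound parameters and allow-list validation. The table layout, the admin table, the sample data and the per-field patterns are assumptions; the application uses MySQL, and SQLite stands in for it here so the example runs offline. The payload relies on SQLite's `||` string concatenation; against MySQL an equivalent payload would use CONCAT().

```python
import re
import sqlite3

# Column names taken from the advisory's parameter list. The table layout,
# the admin table and all sample data are assumptions made for this example.
COLUMNS = ("flightno", "airplaneid", "departure", "dtime",
           "arrival", "atime", "ec", "ep", "bc", "bp")

# Allow-list patterns, one per parameter (assumed formats; adjust to the real schema).
PATTERNS = {
    "flightno":   r"[A-Z0-9]{2,8}",
    "airplaneid": r"[A-Z0-9]{1,16}",
    "departure":  r"[A-Za-z ]{2,40}",
    "arrival":    r"[A-Za-z ]{2,40}",
    "dtime":      r"(?:[01]\d|2[0-3]):[0-5]\d",
    "atime":      r"(?:[01]\d|2[0-3]):[0-5]\d",
    "ec": r"\d{1,6}", "ep": r"\d{1,6}", "bc": r"\d{1,6}", "bp": r"\d{1,6}",
}


def setup_db():
    """In-memory SQLite stand-in for the application's MySQL database."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE flights (flightno TEXT, airplaneid TEXT, departure TEXT, "
        "dtime TEXT, arrival TEXT, atime TEXT, ec INTEGER, ep INTEGER, "
        "bc INTEGER, bp INTEGER)"
    )
    conn.execute("CREATE TABLE admin (username TEXT, password TEXT)")
    # Constructed sample row standing in for sensitive data the attacker wants.
    conn.execute("INSERT INTO admin VALUES ('admin', 'hash-of-admin-password')")
    return conn


def add_flight_unsafe(conn, params):
    """Vulnerable pattern: GET values pasted straight into the SQL string."""
    values = ", ".join(f"'{params[c]}'" for c in COLUMNS)
    conn.execute(f"INSERT INTO flights ({', '.join(COLUMNS)}) VALUES ({values})")
    conn.commit()


def insert_flight_bound(conn, params):
    """Layer 1: parameter binding. Values never become part of the SQL text."""
    placeholders = ", ".join("?" for _ in COLUMNS)
    conn.execute(
        f"INSERT INTO flights ({', '.join(COLUMNS)}) VALUES ({placeholders})",
        tuple(params[c] for c in COLUMNS),
    )
    conn.commit()


def validate_flight(params):
    """Layer 2: allow-list validation of every parameter the advisory names."""
    for col in COLUMNS:
        value = params.get(col)
        if not isinstance(value, str) or not re.fullmatch(PATTERNS[col], value):
            raise ValueError(f"invalid value for {col!r}")


def add_flight_safe(conn, params):
    validate_flight(params)
    insert_flight_bound(conn, params)


def flight_numbers(conn):
    return [row[0] for row in conn.execute("SELECT flightno FROM flights")]


def clean_request():
    """Constructed sample of what an honest admin would submit."""
    return {"flightno": "AA100", "airplaneid": "B737", "departure": "Boston",
            "dtime": "08:00", "arrival": "New York", "atime": "10:00",
            "ec": "100", "ep": "200", "bc": "20", "bp": "900"}


def exfil_request():
    """Constructed payload: flightno closes its quote and splices in a subquery,
    so the stored flight number carries the admin password hash (SQLite '||')."""
    req = clean_request()
    req["flightno"] = "AA100'||(SELECT password FROM admin LIMIT 1)||'"
    return req


def demo():
    conn = setup_db()
    add_flight_unsafe(conn, exfil_request())
    leaked = flight_numbers(conn)          # subquery ran inside the INSERT

    conn = setup_db()
    insert_flight_bound(conn, exfil_request())
    bound = flight_numbers(conn)           # payload stored as a literal string

    conn = setup_db()
    try:
        add_flight_safe(conn, exfil_request())
        rejected = False
    except ValueError:
        rejected = True                    # refused before any SQL runs
    add_flight_safe(conn, clean_request())
    return leaked, bound, rejected, flight_numbers(conn)


if __name__ == "__main__":
    print(demo())
```

The unsafe path stores the admin password hash inside the new flight number, which the admin page would then display back: data extraction through an INSERT, with no second statement needed. The bound path stores the same payload as an inert string, and the validated path rejects it outright while still accepting a well-formed request.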

Added: Mar 8, 2026, 6:19 AM
Updated: Mar 8, 2026, 6:19 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 3.1
exploitability: 8.0
remediation: 0.0
relevance: 3.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.