Code-Projects Simple Flight Ticket Booking System SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability exists in Code-Projects Simple Flight Ticket Booking System version 1.0, specifically within the '/Adminupdate.php' file. The vulnerability arises because the application fails to properly sanitize or validate input from several GET parameters, including 'flightno', 'airplaneid', 'departure', 'dtime', 'arrival', 'atime', 'ec', 'ep', 'bc', and 'bp'. This lack of input validation allows attackers to inject malicious SQL queries, potentially leading to unauthorized database access, data modification or deletion, and exposure of sensitive information. The vulnerability can be exploited remotely, although it may require admin authentication, depending on the deployment.
Impact
Exploitation of this vulnerability allows for SQL injection, where attackers can manipulate SQL queries to modify, delete, or access database information unlawfully. In this case, it could involve altering flight records or executing arbitrary SQL commands.
Reproduction
To reproduce this vulnerability, send a GET request to 'Adminupdate.php' with injected SQL code in the 'flightno' parameter, bypassing input validation and sanitization. The injection can be crafted to manipulate SQL queries, such as by exploiting a vulnerable SQL UPDATE command that uses the 'flightno' parameter without proper sanitization.
Remediation
It is recommended to use prepared statements and parameter binding to prevent SQL injection. Additionally, implement input validation and filtering to ensure that user-supplied data is safe before processing it in SQL queries.
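As an added example, not code from Code-Projects Simple Flight Ticket Booking System, the PHP sketch below contrasts the unsafe pattern the advisory describes (an UPDATE assembled by concatenating the GET parameters) with the prepared-statement form the remediation recommends. The `$conn` mysqli connection, the `flights` table and its column names, the admin session flag and the flight-number allow-list are all assumptions made for the example.

```php
<?php
// Added example (hypothetical); assumes $conn is an open mysqli connection, a table
// `flights` whose columns match the GET parameter names from the advisory, and an
// admin session flag. Requires PHP 7.4+ for arrow functions.
session_start();
if (empty($_SESSION['admin'])) {          // assumed admin gate: keep the page admin-only
    http_response_code(403);
    exit('admin only');
}

// Columns updated by the page; these names are hard-coded, never taken from the request.
$fields = ['airplaneid', 'departure', 'dtime', 'arrival', 'atime', 'ec', 'ep', 'bc', 'bp'];

// UNSAFE pattern (the bug class in the advisory): request values are spliced into the SQL
// text, so a crafted value can change the query structure instead of being treated as data.
// $sql = "UPDATE flights SET airplaneid='" . $_GET['airplaneid'] . "', ... "
//      . "WHERE flightno='" . $_GET['flightno'] . "'";
// mysqli_query($conn, $sql);

// Input validation: every expected parameter must be present.
foreach (array_merge($fields, ['flightno']) as $p) {
    if (!isset($_GET[$p]) || !is_string($_GET[$p])) {
        http_response_code(400);
        exit("missing parameter: $p");
    }
}
// Allow-list the key field's shape (assumed format for this example).
$flightno = $_GET['flightno'];
if (!preg_match('/^[A-Za-z0-9-]{1,16}$/', $flightno)) {
    http_response_code(400);
    exit('bad flightno');
}

// SAFE pattern: the query text is fixed; every user value travels as a bound parameter.
$setClause = implode(', ', array_map(fn($c) => "`$c` = ?", $fields));
$stmt = $conn->prepare("UPDATE `flights` SET $setClause WHERE `flightno` = ?");
if ($stmt === false) {
    http_response_code(500);
    exit('prepare failed');
}
$values   = array_map(fn($c) => $_GET[$c], $fields);
$values[] = $flightno;
$stmt->bind_param(str_repeat('s', count($values)), ...$values); // ten string placeholders
$stmt->execute();
echo $stmt->affected_rows . " row(s) updated";
$stmt->close();
```

The `SET` clause is generated only from the hard-coded `$fields` list, so the SQL structure never depends on request data; the driver sends the values separately from the statement text.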