SourceCodester Sales and Inventory System SQL Injection Vulnerability in View Category Component

Vulnerability

A SQL injection vulnerability has been identified in SourceCodester Sales and Inventory System version 1.0. The issue resides in the 'view_category.php' file, specifically within the HTTP POST request handler. The vulnerability is triggered by manipulating the 'searchtxt' parameter, allowing authenticated attackers to inject and execute arbitrary SQL commands. This exploitation can be performed remotely, and the injected SQL can be used to exfiltrate sensitive data from the application's MySQL database.
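The defect the advisory describes is a classic one: the value of the 'searchtxt' POST parameter is spliced into the SQL string instead of being passed as a bound parameter. The following PHP is an added illustration of that pattern beside its hardened form; it is not code from the SourceCodester project, and the table name, column names and connection values are assumptions made for the example, not details taken from the application.

```php
<?php
// Added example, not code from SourceCodester Sales and Inventory System.
// Assumed schema: table `category` with columns category_id, category_name.

declare(strict_types=1);

/**
 * The pattern the advisory describes: user input becomes part of the SQL text,
 * so any quote or SQL syntax in $searchtxt changes the query. Kept only for
 * comparison with the hardened version below; never call it with user input.
 */
function searchCategoriesVulnerable(PDO $db, string $searchtxt): array
{
    $sql = "SELECT category_id, category_name FROM category "
         . "WHERE category_name LIKE '%" . $searchtxt . "%'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

/**
 * Hardened form: the input never touches the SQL text. It is bound as a
 * parameter of a prepared statement, and LIKE metacharacters are escaped so
 * a user cannot widen the match with '%' or '_'.
 */
function searchCategoriesSafe(PDO $db, string $searchtxt): array
{
    // Cap the length; no category name needs more than this (assumed limit).
    $searchtxt = mb_substr(trim($searchtxt), 0, 100);

    // Escape backslash, '%' and '_' so they match literally in LIKE.
    // MySQL's default LIKE escape character is the backslash.
    $escaped = addcslashes($searchtxt, '\\%_');

    $stmt = $db->prepare(
        'SELECT category_id, category_name FROM category '
        . 'WHERE category_name LIKE :pattern ORDER BY category_name'
    );
    $stmt->bindValue(':pattern', '%' . $escaped . '%', PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Request handling as the advisory describes it: an HTTP POST carrying 'searchtxt'.
// Connection details are placeholders.
$db = new PDO(
    'mysql:host=localhost;dbname=DB_NAME_PLACEHOLDER;charset=utf8mb4',
    'DB_USER_PLACEHOLDER',
    'DB_PASSWORD_PLACEHOLDER',
    [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // native server-side prepared statements
    ]
);

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['searchtxt'])) {
    $rows = searchCategoriesSafe($db, (string) $_POST['searchtxt']);
    foreach ($rows as $row) {
        // Encode output so a stored category name cannot inject HTML either.
        echo htmlspecialchars($row['category_name'], ENT_QUOTES, 'UTF-8'), "<br>\n";
    }
}
```

Disabling emulated prepares makes PDO send the statement and its parameters to MySQL separately, which is what removes the injection: the server receives the pattern as data, so the UNION-based and blind techniques the Impact section lists have nothing to operate on. The wildcard escaping is a separate, smaller point; without it a user can still turn the search into a match-everything query, which is a data-exposure concern rather than injection.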

Impact

Exploitation of this vulnerability allows for UNION-based, Boolean-based blind, and Time-based blind SQL injection, enabling attackers to retrieve and display database content, such as categories, and potentially other tables via UNION attacks.

Reproduction

To reproduce this vulnerability, log into the application and navigate to the Category List page. Once there, use the search bar to submit SQL injection payloads through the 'searchtxt' parameter. Alternatively, capture the request and use a tool like SQLMap to automate the exploitation.

Added: Mar 23, 2026, 4:18 AM
Updated: Mar 23, 2026, 4:18 AM

Vulnerability Rating

Custom Algorithm

Metric          Score
spread          0.0
impact          2.5
exploitability  4.6
remediation     0.0
relevance       4.6
threat          6.4
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.