SourceCodester Sales and Inventory System SQL Injection Vulnerability in Update Category Component

A SQL injection vulnerability has been identified in SourceCodester Sales and Inventory System version 1.0. The issue resides in the 'update_category.php' file, where the 'sid' parameter in the HTTP GET request is not properly sanitized. This flaw allows authenticated attackers to inject arbitrary SQL commands, exploiting the application’s MySQL database. The vulnerability supports UNION-based injections, enabling direct retrieval of sensitive database information, as well as Boolean-based and time-based blind SQL injection techniques.

Impact

Successful exploitation allows attackers to execute arbitrary SQL commands, potentially leading to unauthorized data access, data manipulation, or database enumeration.

Reproduction

To reproduce this vulnerability, log into the application and send a crafted HTTP GET request to 'update_category.php' with an injected SQL payload in the 'sid' parameter. Alternatively, use SQLMap to automate the exploitation.