SourceCodester Personnel Record Management System SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability has been identified in SourceCodester's Personnel Record Management System version 1.0. The issue arises in the Login component, specifically within the index.php file, where user input for the Username parameter is not properly sanitized. This oversight allows for SQL injection attacks that can be executed remotely. Exploitation of this vulnerability could lead to authentication bypass, unauthorized access to user accounts, and access to the administrator dashboard, where sensitive data can be viewed and modified.
Impact
Exploitation of this vulnerability allows for SQL injection, which can be used to bypass authentication, take over user accounts, steal plaintext passwords, and gain unauthorized access to the administrator dashboard. Once accessed, an attacker can view and modify any stored information, leading to significant data disclosure and system compromise.
Reproduction
To reproduce this vulnerability, send a POST request to the index.php file of the Personnel Record Management System 1.0. Include the Username and Password parameters. The Username parameter can be manipulated to inject SQL payloads, such as terminating the string and adding SQL logic, which bypasses authentication and grants access to the admin interface. This vulnerability can also be reproduced through the search_user.php file by injecting SQL payloads into the search parameter, exploiting the application's search functionality.
Remediation
It is recommended to update the application to a version that addresses this vulnerability, once available. In the meantime, users should monitor official channels for security patches. Additionally, implement input validation and use prepared statements to prevent SQL injection. Review database permissions and disable the display of PHP errors in production environments.
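The remediation steps above, sketched as an added example that is not code from the application or its vendor: a login lookup using a PDO prepared statement, input validation, and hashed passwords. It assumes PHP 8 with the pdo_sqlite extension, and the `users` table, its columns, and the sample accounts are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Production setting from the remediation: do not render PHP errors to clients.
ini_set('display_errors', '0');

// Assumed schema (not the application's own): users(username, password_hash, role).
function make_demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT NOT NULL, role TEXT NOT NULL)');
    $ins = $pdo->prepare('INSERT INTO users (username, password_hash, role) VALUES (?, ?, ?)');
    // Constructed sample accounts; passwords are stored as hashes, never plaintext.
    $ins->execute(['admin', password_hash('constructed-sample-pw', PASSWORD_DEFAULT), 'admin']);
    $ins->execute(["o'neil", password_hash('another-sample-pw', PASSWORD_DEFAULT), 'staff']);
    return $pdo;
}

// Pattern to avoid, as described in the advisory: input concatenated into SQL text.
//   $sql = "SELECT * FROM users WHERE username = '" . $_POST['Username'] . "'";

function login(PDO $pdo, mixed $username, mixed $password): ?array
{
    // Input validation: reject non-strings, empty names, and oversized values.
    if (!is_string($username) || !is_string($password)
        || $username === '' || strlen($username) > 64 || strlen($password) > 256) {
        return null;
    }
    // Prepared statement: the value is bound as data and never parsed as SQL.
    $stmt = $pdo->prepare('SELECT username, password_hash, role FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // The password is checked against the stored hash in PHP, outside the query.
    if ($row === false || !password_verify($password, $row['password_hash'])) {
        return null;
    }
    return ['username' => $row['username'], 'role' => $row['role']];
}

$pdo = make_demo_db();
var_dump(login($pdo, 'admin', 'constructed-sample-pw')); // matching credentials
var_dump(login($pdo, "o'neil", 'another-sample-pw'));    // quote in the name is plain data
var_dump(login($pdo, 'admin', 'wrong-password'));        // wrong password
var_dump(login($pdo, ['admin'], 'x'));                   // non-string input
```

The same binding approach applies to the search parameter handled by search_user.php.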
