Code-Projects Employee Management System SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability has been identified in Code-Projects Employee Management System version 1.0. The flaw is in the file '370project/edit.php', where the value of the 'id' request parameter is placed into a SQL query without sanitization or parameterization. An attacker who controls that parameter can alter the structure of the query, which may lead to unauthorized reading of database records, manipulation of the query's logic, or degradation of service by forcing the database to run slow operations. The vulnerability is exploitable remotely, has been publicly disclosed, and a proof-of-concept exploit is available.
Impact
Exploitation takes the form of time-based blind SQL injection: the application's responses do not reveal query results directly, so the attacker injects conditional delays and infers database contents one bit or character at a time from the response latency. Depending on the privileges of the database account the application uses, the same injection point can be used to alter the query's logic and retrieve records the requesting user is not authorized to see. Because each injected delay ties up a database connection for the requested duration, repeated requests can also degrade availability.
Reproduction
To reproduce this vulnerability, send a GET request to '370project/edit.php' with a crafted 'id' parameter carrying a time-delay payload. Measure the response time of a normal request (for example, a valid id) and compare it with the response time of the request containing the payload: if the injected text reaches the database, the second response is delayed by roughly the requested duration. Repeat the measurement several times and vary the requested delay, so that a slow response caused by server load or network jitter is not mistaken for a successful injection.
