Yashpokharna2555 Student Management System SQL Injection Vulnerability in studentdel.php

A SQL injection vulnerability has been identified in the Yashpokharna2555 Student Management System, affecting versions up to cb2f558ddf8d19396de0f92abf2d224d46a0a203. The issue arises in the studentdel.php file, specifically within the confirm_logged_in function. The vulnerability allows remote attackers to manipulate the ID parameter, leading to unauthorized data deletion. The application lacks proper authentication and authorization, enabling exploitation without credentials.

Impact

Exploitation of this vulnerability could result in unauthorized deletion of student records from the database. An attacker could delete all entries in the student table, causing complete data loss. This action would disrupt application functionality, making it unusable until the data is restored. Additionally, the vulnerability could be exploited to perform selective data deletion, disrupting normal operations. The lack of authentication also allows low-privileged users to execute destructive actions typically reserved for administrators.

Reproduction

To reproduce this vulnerability, send a GET request to studentdel.php without logging in. Include a crafted ID parameter that exploits the SQL injection, such as '9999 OR 1=1'. The application will process the request, delete all student records, and display a JavaScript alert confirming the deletion.