Submit #553568: Sourcecodester Web-based Pharmacy Product Management System v1.0 SQL Injection

Title: Sourcecodester Web-based Pharmacy Product Management System v1.0 SQL Injection
Description:

**Summary:**

**Vulnerability Title:** SQL Injection in Web-Based Pharmacy Product Management System (<= v1.0)

**Reported by:** yaklang.io, IRify, Yakit

**Affected Files:** Multiple PHP files including `edit-admin.php`, `add-admin.php`, and others.

**Vulnerability Type:** SQL Injection (CWE-89)

**Root Cause:** The system does not adequately validate user input; in particular, the email field is used directly in SQL queries across several PHP files. This allows attackers to manipulate SQL queries through user-controlled input, leading to unauthorized database access.

**Impact:**

- Unauthorized access to sensitive database information.
- Potential exposure of user passwords and other sensitive data.
- Risk of database corruption or manipulation.

**Description:** The vulnerability arises from the direct concatenation of user input into SQL statements without sanitization or prepared statements. This flaw allows attackers to inject SQL code that alters query logic, extracts data, and potentially gains unauthorized access to the system.

**Proof of Concept:** Using tools such as Yakit, the `add-admin.php` POST request can be manipulated to inject SQL code, demonstrating that the vulnerability is exploitable.

**Suggested Repairs:**

1. **Implement Prepared Statements:** Use parameterized queries to prevent SQL injection.
2. **Input Validation:** Validate and sanitize all user input to ensure it matches the expected format and content.
3. **Security Recommendations:** Apply the principle of least privilege, encrypt sensitive data, deploy Web Application Firewall (WAF) protections, conduct regular security audits, and use ORM frameworks for database interactions.

**Additional Information:** The OWASP SQL Injection Prevention Guide and the CERT Oracle Secure Coding Standard for Java provide further mitigation strategies.

Immediate action is recommended due to the high severity of the vulnerability, which poses a substantial threat to data security.

**Conclusion:** The SQL Injection vulnerability identified in the Web-Based Pharmacy Product Management System underscores the need for robust security practices in web application development. Prompt implementation of the suggested repairs will significantly reduce the risk of data breaches and protect the integrity and confidentiality of user data.
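The following is an added illustration of the root cause and of suggested repairs 1 and 2; it is not code from the Pharmacy Product Management System or from the reporters. It contrasts an e-mail lookup that concatenates the request value into the query text with one that validates the value and binds it to a prepared statement. To run stand-alone it uses an in-memory SQLite database through PDO; the table name `admin_users`, its columns and the sample rows are constructed assumptions, and the request field `login_email` is the parameter named in the VulDB entry. The same prepare/bind pattern applies unchanged with `mysqli` against the application's MySQL backend.

```php
<?php
// Added example, not the project's own code. Assumptions: table "admin_users"
// with columns id and email, and a POST field named "login_email".

function setupDatabase(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE admin_users (id INTEGER PRIMARY KEY, email TEXT NOT NULL)');
    // Constructed sample rows; the second address legitimately contains a quote.
    $pdo->exec("INSERT INTO admin_users (email) VALUES ('admin@example.test'), ('o''brien@example.test')");
    return $pdo;
}

// Vulnerable pattern named in the report: the request value is concatenated
// into the SQL text, so a quote inside it ends the string literal and whatever
// follows is parsed as SQL syntax rather than as data.
function findAdminUnsafe(PDO $pdo, string $email): ?array
{
    $sql = "SELECT id, email FROM admin_users WHERE email = '" . $email . "'";
    $row = $pdo->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Hardened form: check the shape of the input first, then pass it as a bound
// parameter. The query logic is fixed at prepare time, so the value can only
// ever be compared against the email column, never interpreted as SQL.
function findAdminSafe(PDO $pdo, string $email): ?array
{
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null; // not syntactically an e-mail address: refuse before querying
    }
    $stmt = $pdo->prepare('SELECT id, email FROM admin_users WHERE email = :email');
    $stmt->execute([':email' => $email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$pdo = setupDatabase();

// In the application this would be $_POST['login_email']; constructed here.
$legit  = 'admin@example.test';
$quoted = "o'brien@example.test";

var_dump(findAdminSafe($pdo, $legit));   // row for admin@example.test
var_dump(findAdminSafe($pdo, $quoted));  // row for o'brien@example.test: the quote stays data

try {
    findAdminUnsafe($pdo, $quoted);
} catch (PDOException $e) {
    // The quote terminated the literal and the remainder was parsed as SQL.
    echo 'unsafe query failed: ' . $e->getMessage() . PHP_EOL;
}
```

The unsafe path fails on an ordinary address containing an apostrophe, which is the same mechanism the report describes: any character sequence in the input that is meaningful to the SQL parser changes the statement. The safe path treats the identical input purely as a comparison value. The `filter_var` check in front of the prepared statement is suggested repair 2; it narrows what reaches the database but is not a substitute for binding, which is what actually removes the injection.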
Source: https://github.com/yaklang/IRifyScanResult/blob/main/Web-based%20Pharmacy%20Product%20Management%20System/sql_inject_in_session_email.md
User: lingze (UID 83608)
Submission: 04/08/2025 16:17 (1 Year ago)
Moderation: 04/16/2025 03:45 (7 days later)
Status: Accepted
VulDB entry: 304983 [SourceCodester Web-based Pharmacy Product Management System 1.0 Login login_email sql injection]
Points: 20
