Submit #553579: Sourcecodester Web-based Pharmacy Product Management System v1.0 SQL Injection

Title: Sourcecodester Web-based Pharmacy Product Management System v1.0 SQL Injection

Description:

**Vulnerability Summary: SQL Injection in Web-based Pharmacy Product Management System**

**Affected System:** Web-based Pharmacy Product Management System (version ≤ v1.0)
**Vulnerability Type:** SQL Injection (CWE-89)
**Severity:** **HIGH**
**Discovered By:** yaklang.io, IRify, Yakit

### **Root Cause**

Multiple PHP files (including `search_stock.php` and `search_sales.php`) directly concatenate user-controlled input (the `name` parameter) into SQL queries without sanitization or parameterized statements, leading to SQL injection vulnerabilities.

### **Impact**

- **Unauthorized database access** (data extraction, modification, or deletion)
- **Potential leakage of sensitive information** (user credentials, product data)
- **Database compromise via arbitrary SQL execution**

### **Proof of Concept (PoC)**

Attackers can exploit this flaw using:

1. **Authentication Bypass:** Injecting `' OR '1'='1` to manipulate queries.
2. **Data Exfiltration:** Using UNION-based queries to extract database schema or credentials.

**Example Attack Payload:**

```sql
' UNION SELECT 1,2,3,4,database(),user(),version()-- -
```

### **Recommended Fixes**

1. **Use Prepared Statements** (PDO/MySQLi) to isolate SQL code from user input.
2. **Input Validation & Sanitization** (whitelist acceptable characters).
3. **Security Enhancements:**
   - Principle of Least Privilege for database users
   - Web Application Firewall (WAF) rules to block injection patterns
   - Regular security audits and ORM adoption (e.g., Eloquent, Doctrine)

### **Urgency**

**Immediate action required** due to the risk of full system compromise.

**References:**

- OWASP SQL Injection Prevention Cheat Sheet
- CWE-89 Guidance

This flaw highlights critical lapses in secure coding practices; patching should precede further system deployment.
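A worked example of the first recommended fix, added here and not taken from the project or from the referenced scan report: the concatenation pattern the advisory describes for the `name` parameter, beside a MySQLi prepared-statement rewrite of the same search. The table name `stock`, its columns, the read-only database user and the connection details are assumptions for illustration.

```php
<?php
// Added example (not the project's own code). Table/column names, the
// read-only DB user and the connection details are assumptions.

// The pattern the advisory describes: the request parameter is spliced
// into the SQL text, so a quote inside it changes the query's structure.
function search_stock_vulnerable(mysqli $db, string $name): mysqli_result|false
{
    $sql = "SELECT id, name, qty FROM stock WHERE name LIKE '%" . $name . "%'";
    return $db->query($sql);
}

// Hardened version: the SQL text is fixed at prepare time; the user value is
// sent as a bound parameter and is never parsed as SQL. LIKE wildcards in the
// data are escaped so a caller cannot widen the match either.
function search_stock_safe(mysqli $db, string $name): array
{
    $stmt = $db->prepare("SELECT id, name, qty FROM stock WHERE name LIKE ?");
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $db->error);
    }
    // Escape backslash first, then % and _ (MySQL's default LIKE escape is \).
    $pattern = '%' . addcslashes($name, '\\%_') . '%';
    $stmt->bind_param('s', $pattern);
    $stmt->execute();
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
    $stmt->close();
    return $rows;
}

// Wiring for a search endpoint. The account used here is assumed to hold only
// SELECT on the stock table (least privilege, the advisory's third fix), so a
// future injection elsewhere cannot modify data through this connection.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$db = new mysqli('localhost', 'pharmacy_ro', 'REPLACE_WITH_PASSWORD', 'pharmacy');
$db->set_charset('utf8mb4');

$name = (string) ($_GET['name'] ?? '');
header('Content-Type: application/json');
echo json_encode(search_stock_safe($db, $name));
```

With `search_stock_safe`, a value such as `' OR '1'='1` is matched literally against the product name and returns no rows instead of every row.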
Source: https://github.com/yaklang/IRifyScanResult/blob/main/Web-based%20Pharmacy%20Product%20Management%20System/sql_inject_in_search.md
User: lingze (UID 83608)
Submission: 04/08/2025 16:21 (1 Year ago)
Moderation: 04/16/2025 03:47 (7 days later)
Status: Accepted
VulDB entry: 304984 [SourceCodester Web-based Pharmacy Product Management System 1.0 search_stock.php Name sql injection]
Points: 20
