SourceCodester Sanitization Management System SQL injection
Description
A vulnerability was found in SourceCodester Sanitization Management System and classified as critical. This issue affects some unknown processing of the file /php-sms/?p=services/view_service. The manipulation of the argument id leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-210839.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
SQL injection in SourceCodester Sanitization Management System via id parameter in view_service allows remote attackers to execute arbitrary SQL queries.
Vulnerability
A critical SQL injection vulnerability exists in SourceCodester Sanitization Management System (version unspecified) in the file /php-sms/?p=services/view_service. The id parameter is not properly sanitized before being used in a SQL query, allowing an attacker to inject arbitrary SQL commands. The vulnerability is classified as critical and has been publicly disclosed [1].
Exploitation
An attacker can exploit this vulnerability remotely without authentication by sending a crafted HTTP request to the vulnerable endpoint with a malicious id parameter. The exploit has been demonstrated and is publicly available, as shown in the referenced proof-of-concept image [1]. No special privileges or user interaction are required.
Impact
Successful exploitation allows an attacker to execute arbitrary SQL statements on the backend database. This can lead to unauthorized access to sensitive data, modification or deletion of database records, and potentially further compromise of the server depending on database permissions.
Mitigation
As of the publication date (2022-10-14), no official patch or fixed version has been released by SourceCodester. Users should consider restricting network access to the application, implementing a web application firewall (WAF) to block SQL injection attempts, or migrating to an alternative solution if available. The vendor has not provided a workaround.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- SourceCodester/Sanitization Management System v5, Range: n/a
Patches (0)
No patches discovered yet.