SourceCodester Medicine Tracker System sql injection
Description
A vulnerability classified as critical has been found in SourceCodester Medicine Tracker System 1.0. This affects an unknown part of the file /classes/Users.php?f=register_user. The manipulation of the argument username leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-270009 was assigned to this vulnerability.
Affected products
- (no CPE) range: = 1.0
- (no CPE) range: 1.0
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"Missing input sanitization in the `username` parameter allows SQL injection in the `register_user` function of `/classes/Users.php`."
Attack vector
An attacker can exploit the SQL injection by sending a crafted POST request to `/classes/Users.php?f=register_user` with a malicious `username` parameter [ref_id=1]. The attack is remotely exploitable without authentication, as the registration functionality is publicly accessible. The researcher demonstrated intercepting the registration traffic with Burp Suite and then using sqlmap to identify and exploit the time-based blind SQL injection on the `MULTIPART username` parameter [ref_id=1].
Affected code
The vulnerable code path is in `/classes/Users.php`, specifically the `register_user` function that handles the `username` POST parameter [ref_id=1]. The file is part of the SourceCodester Medicine Tracker System version 1.0 [ref_id=1].
What the fix does
No patch has been published for this vulnerability. The advisory does not include a fix or remediation guidance from the vendor [ref_id=1]. To close the vulnerability, the application should use parameterized queries (prepared statements) or properly escape/sanitize the `username` input before including it in SQL queries.
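As an added example (not the project's code; the page does not show the actual query, so the vulnerable shape below is an assumption about how a `register_user` handler typically builds its INSERT), here is that shape next to the hardened form using a mysqli prepared statement:

```php
<?php
// Added example, not code from SourceCodester Medicine Tracker System.
// Assumed: a `users` table with `username` and `password` columns, and a
// handler that reads the registration form from $_POST.

// Vulnerable shape (assumed): the raw POST value is spliced into the SQL
// string, so the username is parsed as part of the statement itself.
function register_user_vulnerable(mysqli $conn): bool
{
    $username = $_POST['username'];
    $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
    $sql = "INSERT INTO users (username, password) VALUES ('$username', '$password')";
    return $conn->query($sql) !== false;
}

// Hardened form: a prepared statement sends the query text and the bound
// values separately, so the username can never alter the statement.
function register_user_safe(mysqli $conn): bool
{
    $username = trim((string)($_POST['username'] ?? ''));
    $password = (string)($_POST['password'] ?? '');

    // Input validation is a policy check, not the SQL defence; the
    // parameter binding below is what closes the injection.
    if (!preg_match('/^[A-Za-z0-9_.-]{3,32}$/', $username) || $password === '') {
        return false;
    }
    $hash = password_hash($password, PASSWORD_DEFAULT);

    $stmt = $conn->prepare('INSERT INTO users (username, password) VALUES (?, ?)');
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param('ss', $username, $hash);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}
```

The same binding pattern applies to every other query in the file that consumes request data; escaping alone (`real_escape_string`) is a weaker fallback because it depends on correct quoting at each call site.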
Preconditions
- network: The application must be running SourceCodester Medicine Tracker System 1.0 with the registration endpoint accessible.
- input: The attacker must be able to send HTTP POST requests to the server.
Reproduction
1. Intercept the registration request to `/classes/Users.php?f=register_user` using Burp Suite while creating an account on the application [ref_id=1].
2. Save the intercepted request as `register.txt`.
3. Run sqlmap against the saved request file: `sqlmap -r register.txt`.
4. sqlmap will identify the `MULTIPART username` POST parameter as vulnerable to time-based blind SQL injection and can enumerate databases [ref_id=1].
Generated on May 24, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/jadu101/CVE/blob/main/SourceCodester_Medicine_Tracker_System_Users_php_sqli.md (mitre; exploit)
- vuldb.com (mitre; third-party-advisory)
- vuldb.com (mitre; signature, permissions-required)
- vuldb.com (mitre; vdb-entry, technical-description)
News mentions
No linked articles in our index yet.