### Key Information

#### Vulnerability Details

- **CVE ID**: CVE-2025-60316
- **Discoverer**: Ivan Coso (https://www.linkedin.com/in/ivancoso/)
- **Affected Product**: Pet Grooming Management - 1.0
- **Vendor**: Sourcecodester
- **Vulnerability Type**: SQL Injection (SQLI)

#### Description

Sourcecodester Pet Grooming Management Software 1.0 is vulnerable to SQL injection via the `id` parameter in `admin/view_customer.php`.

#### Attack Vector

Attackers with administrative privileges can exploit the SQL injection vulnerability by supplying crafted SQL through the `id` parameter to read sensitive data, enumerate database privileges, modify records, and potentially compromise the entire system.

#### Attack Type

- Remote: True
- Affects Code Execution: True
- Affects Denial of Service: True
- Affects Privilege Escalation: True
- Affects Information Disclosure: True

#### Critical Steps to Reproduce

1. After logging in, the dashboard is displayed.
2. In the "Customer Management" section, select a customer to modify.
3. The customer is identified by the `id` parameter, as shown by intercepting the request with Burp Suite.
4. The parameter is vulnerable to SQL injection, allowing the database to be dumped with automated tools such as SQLMap.

#### Warning

**Impact**

1. Enables unauthorized database access, allowing attackers to read, modify, or delete sensitive records.
2. Enables authentication bypass and privilege escalation, granting attackers administrative control.
3. Facilitates large-scale data leakage and tampering, compromising data integrity, business continuity, and user trust.

#### Recommendations

1. **Parameterized Queries / Prepared Statements** - Use parameterized queries or prepared statements for all database access. Never insert user input directly into SQL commands.
2. **Input Validation and Sanitization** - Validate and normalize user input on the server side using strict allowlists (type/length/format), and reject or sanitize malicious values.
3. **Principle of Least Privilege for Database Accounts** - Ensure the database credentials used by the application have only the minimum required privileges (e.g., separate read/write/administrator roles).
4. **Avoid Dynamic SQL and Disable Stack Traces** - Avoid constructing dynamic SQL; if unavoidable, use secure parameter binding and disable support for multiple statements.
5. **Robust Error Handling and Logging** - Do not expose database error messages to users; log suspicious queries and anomalies for monitoring and forensic analysis.
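The five recommendations above, applied together to a "view customer by `id`" handler, as an added PHP example. This is illustrative code written for this advisory, not the Pet Grooming Management project's own `admin/view_customer.php`; the table name `customers`, its columns, the `pgm_readonly` account and the DSN are assumed placeholders.

```php
<?php
// Added example (not the Pet Grooming Management project's own code).
// Hardened handler for a "view customer by id" page, following the
// recommendations above. Assumed: a MySQL table `customers` with columns
// `id`, `name`, `phone`; DSN and credentials are placeholders.

declare(strict_types=1);

/**
 * Build a PDO connection configured for safe parameter binding:
 *  - native (non-emulated) prepares so bound values never enter the SQL text,
 *  - multi-statement support disabled (recommendation 4),
 *  - exceptions on error so failures are caught and logged, not echoed.
 */
function connectDb(string $dsn, string $user, string $password): PDO
{
    return new PDO($dsn, $user, $password, [
        PDO::ATTR_ERRMODE                => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES       => false,
        PDO::MYSQL_ATTR_MULTI_STATEMENTS => false,
        PDO::ATTR_DEFAULT_FETCH_MODE     => PDO::FETCH_ASSOC,
    ]);
}

/**
 * Recommendation 2: strict allowlist validation of the `id` parameter.
 * Returns a positive integer, or null for anything else (empty, non-numeric,
 * zero, negative, arrays), so nothing but a clean integer reaches the query.
 */
function validateCustomerId($raw): ?int
{
    if (!is_string($raw) && !is_int($raw)) {
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/**
 * Recommendation 1: parameterized query. The SQL text is a constant and the
 * value is bound as an integer placeholder, so the request parameter cannot
 * change the statement. The weak pattern this replaces is concatenation such
 * as "SELECT ... WHERE id = " . $_GET['id'], which lets the parameter become
 * part of the query itself.
 */
function fetchCustomer(PDO $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT id, name, phone FROM customers WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch();
    return $row === false ? null : $row;
}

// --- request handling (the admin/view_customer.php equivalent) ---
$id = validateCustomerId($_GET['id'] ?? null);
if ($id === null) {
    http_response_code(400);
    // Recommendation 5: record the rejected value and source for monitoring,
    // but return only a generic message to the client.
    error_log(sprintf(
        'view_customer: rejected id=%s from %s',
        var_export($_GET['id'] ?? null, true),
        $_SERVER['REMOTE_ADDR'] ?? 'unknown'
    ));
    exit('Invalid request.');
}

try {
    // Recommendation 3: `pgm_readonly` is a placeholder for a database account
    // granted only SELECT on the tables this page needs.
    $db = connectDb(
        'mysql:host=127.0.0.1;dbname=pet_grooming;charset=utf8mb4',
        'pgm_readonly',
        'REPLACE_WITH_SECRET'
    );
    $customer = fetchCustomer($db, $id);
} catch (PDOException $e) {
    http_response_code(500);
    error_log('view_customer: database error: ' . $e->getMessage()); // server log only
    exit('An internal error occurred.');                              // no DB details to the user
}

if ($customer === null) {
    http_response_code(404);
    exit('Customer not found.');
}

header('Content-Type: text/html; charset=utf-8');
foreach ($customer as $field => $value) {
    printf('<p>%s: %s</p>', htmlspecialchars((string) $field), htmlspecialchars((string) $value));
}
```

Two design choices matter here beyond the prepared statement itself. `PDO::ATTR_EMULATE_PREPARES => false` makes the MySQL driver send the statement and the bound value separately rather than interpolating an escaped string client-side, and `PDO::MYSQL_ATTR_MULTI_STATEMENTS => false` means that even a future concatenation bug elsewhere in the application cannot be turned into a stacked query. The validation step is independent of both: a rejected `id` never opens a database connection at all, and the rejection is logged with the offending value so that probing of this parameter shows up in monitoring.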