# Vulnerability Summary: Pharmacy Sales and Inventory System V1.0 SQL Injection

## Overview

* **Vulnerability Name**: Pharmacy Sales and Inventory System Project V1.0 `/ajax.php?action=delete_customer` SQL Injection
* **Vulnerability Type**: SQL Injection
* **Affected File**: `/ajax.php?action=delete_customer`
* **Affected Version**: V1.0
* **Exploitation Condition**: No login or authorization is required
* **Root Cause**: The user input parameter `id` is not sanitized or validated before being concatenated directly into the SQL query.

## Impact Scope

* **Affected Product**: Pharmacy Sales and Inventory System
* **Potential Risks**:
  * Unauthorized access to the database
  * Sensitive data leakage
  * Data tampering
  * Full system compromise
  * Service disruption

## Vulnerability Details & POC

* **Parameter Location**: `id` (POST parameter)
* **Injection Type**: Boolean-based blind
* **Payload**:

```sql
(SELECT (CASE WHEN (7479>7479) THEN '1' ELSE (SELECT 5203 UNION SELECT 7740) END))
```

## Remediation Measures

1. **Use Prepared Statements and Parameter Binding**: Employ prepared statements and parameter binding to separate SQL code from user input data. With prepared statements, user-provided values are treated purely as data and are never interpreted as SQL code.
2. **Input Validation and Filtering**: Strictly validate and filter user input to ensure it conforms to the expected format.
3. **Minimize Database User Privileges**: Ensure the database account used for connections has only the minimum privileges necessary for daily operations. Avoid using accounts with high-level privileges (e.g., root or admin).
4. **Regular Security Audits**: Conduct regular code and system security audits to promptly identify and remediate potential security vulnerabilities.
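As an added illustration of remediation measures 1 and 2 (example code, not the project's own `ajax.php`): the assumed vulnerable concatenation pattern next to a hardened `delete_customer` handler using mysqli prepared statements. The table name `customers`, the `$conn` mysqli connection and the session key `login_id` are assumptions.

```php
<?php
// Added example, not code from the Pharmacy Sales and Inventory System.
// Assumptions: table `customers` with integer column `id`, a mysqli
// connection in $conn, and a hypothetical session key `login_id`.

// Assumed vulnerable pattern: $_POST['id'] is concatenated into the SQL
// string, so a boolean-based payload is evaluated by MySQL as SQL.
function delete_customer_vulnerable(mysqli $conn): bool
{
    $id  = $_POST['id'];
    $sql = "DELETE FROM customers WHERE id = {$id}";
    return (bool) $conn->query($sql);
}

// Hardened handler: require a logged-in user, validate the input, and bind
// the value as an integer parameter so it cannot alter the statement.
function delete_customer_secure(mysqli $conn): bool
{
    // The advisory notes the endpoint is reachable without login; reject
    // anonymous requests first (session key is an assumption).
    if (empty($_SESSION['login_id'])) {
        http_response_code(401);
        return false;
    }

    // Input validation: a customer id must be a plain positive integer.
    $id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT,
                       ['options' => ['min_range' => 1]]);
    if ($id === false || $id === null) {
        http_response_code(400);
        return false;
    }

    // Prepared statement with parameter binding: the `?` placeholder fixes
    // the query shape; the bound value travels as data, never as SQL text.
    $stmt = $conn->prepare("DELETE FROM customers WHERE id = ?");
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param('i', $id);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}
```

With the hardened handler, the page's boolean-based payload fails integer validation and is rejected with a 400 before any query runs; even a numeric-looking value is only ever bound as an integer parameter.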