A critical SQL Injection vulnerability has been identified in the kashipara Online Exam System. This flaw allows a remote, unauthenticated attacker to execute arbitrary commands on the application's database, potentially leading to a complete compromise of sensitive student and exam data. Due to the high severity and ease of exploitation, immediate remediation is required to prevent a significant data breach.

The vulnerability exists within the user profile update page, specifically /exam/user/profile.php. The application fails to properly sanitize user-supplied input for the rname, rcollage, rnumber, rgender, and rpassword parameters in a POST request. An attacker can inject malicious SQL commands into these parameters, which are then executed directly by the backend database, granting them unauthorized access and control.

This vulnerability is rated as critical severity with a CVSS score of 9.1, posing a significant threat to the organization. Successful exploitation could lead to a catastrophic data breach, exposing sensitive personally identifiable information (PII) of users, exam results, and administrative credentials. The potential consequences include severe reputational damage, financial loss from regulatory fines (e.g., GDPR, FERPA), and the complete loss of data integrity within the exam system.

Immediate Action: Update the kashipara Online Exam System to the latest version as recommended by the vendor. After patching, immediately monitor for any signs of exploitation attempts by reviewing server and application access logs for suspicious activity targeting the vulnerable page.

Proactive Monitoring: Implement enhanced monitoring of HTTP traffic to the web server. Specifically, look for POST requests to /exam/user/profile.php that contain common SQL injection payloads (e.g., ', --, UNION, SELECT, SLEEP()). Utilize a Web Application Firewall (WAF) with rulesets designed to detect and block SQL injection attacks in real-time.

Compensating Controls: If patching cannot be performed immediately, implement a WAF rule to specifically block malicious requests to the /exam/user/profile.php endpoint. Restrict access to this page from untrusted networks if feasible. As a last resort, temporarily disable the user profile update functionality until a patch can be applied.

Public Exploit Available: false

Given the critical CVSS score of 9.1 and the high potential for a complete database compromise, this vulnerability requires immediate attention. Although it is not currently listed on the CISA KEV (Known Exploited Vulnerabilities) catalog, its severity warrants treating it with the highest priority. We strongly recommend that the organization apply the vendor-supplied patch immediately and implement proactive monitoring to detect and prevent any exploitation attempts.