Description
Admidio, a user management solution, contains a SQL injection vulnerability in the member assignment data retrieval functionality. An authenticated user with role assignment permissions can execute arbitrary SQL commands, potentially leading to a full compromise of the application's database, including reading, modifying and deleting data. The vulnerability resides in the adm_program/modules/groups-roles/members_assignment_data.php script, specifically in how the filter_rol_uuid GET parameter is handled. The parameter is not sufficiently sanitized before being used in a raw SQL query: the vulnerable code concatenates the filter_rol_uuid variable directly into the SQL string, so its contents are parsed as part of the query rather than as a value. The vulnerable file is adm_program/modules/groups-roles/members_assignment_data.php and the vulnerable parameter is filter_rol_uuid.
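The following is an added example illustrating the defect class described above and the fix a maintainer would apply; it is not Admidio's code. The table and column names (adm_roles, rol_uuid, adm_members, mem_rol_id, mem_usr_id), the two function names and the in-memory SQLite database are constructed for this illustration. It shows a query that concatenates the filter value into the SQL text next to a version that validates the value's shape and binds it as a parameter.

```php
<?php
// Added example (not Admidio's code): vulnerable string concatenation versus a
// prepared statement for a "members of role <uuid>" lookup.
// Schema and sample rows below are constructed for this demonstration.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE adm_roles (rol_id INTEGER PRIMARY KEY, rol_uuid TEXT, rol_name TEXT)');
$db->exec('CREATE TABLE adm_members (mem_id INTEGER PRIMARY KEY, mem_rol_id INTEGER, mem_usr_id INTEGER)');
$db->exec("INSERT INTO adm_roles VALUES (1, '11111111-2222-4333-8444-555555555555', 'Members')");
$db->exec("INSERT INTO adm_roles VALUES (2, 'aaaaaaaa-bbbb-4ccc-8ddd-eeeeeeeeeeee', 'Board')");
$db->exec('INSERT INTO adm_members VALUES (1, 1, 10), (2, 1, 11), (3, 2, 12)');

// VULNERABLE pattern: the request parameter becomes part of the SQL text, so
// anything in it (quotes, keywords) is interpreted by the SQL parser.
function membersForRoleVulnerable(PDO $db, string $filterRolUuid): array
{
    $sql = "SELECT mem_usr_id FROM adm_members "
         . "INNER JOIN adm_roles ON rol_id = mem_rol_id "
         . "WHERE rol_uuid = '" . $filterRolUuid . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// HARDENED pattern: reject anything that is not shaped like a UUID, then bind
// the value as a parameter so it can never alter the structure of the query.
function membersForRoleSafe(PDO $db, string $filterRolUuid): array
{
    $uuidPattern = '/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i';
    if (!preg_match($uuidPattern, $filterRolUuid)) {
        throw new InvalidArgumentException('filter_rol_uuid must be a UUID');
    }
    $stmt = $db->prepare(
        'SELECT mem_usr_id FROM adm_members '
      . 'INNER JOIN adm_roles ON rol_id = mem_rol_id '
      . 'WHERE rol_uuid = :uuid'
    );
    $stmt->execute([':uuid' => $filterRolUuid]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Well-formed input: both versions return the same user ids.
$good = '11111111-2222-4333-8444-555555555555';
print_r(membersForRoleVulnerable($db, $good)); // [10, 11]
print_r(membersForRoleSafe($db, $good));       // [10, 11]

// A value containing a quote shows the difference: the vulnerable version hands
// it to the SQL parser (here a syntax error surfaces), while the hardened
// version rejects it before any SQL is built.
$malformed = "O'Brien";
try {
    membersForRoleVulnerable($db, $malformed);
} catch (PDOException $e) {
    echo "vulnerable: input reached the SQL parser: " . $e->getMessage() . "\n";
}
try {
    membersForRoleSafe($db, $malformed);
} catch (InvalidArgumentException $e) {
    echo "safe: rejected before query construction: " . $e->getMessage() . "\n";
}
```

The shape check is a defence-in-depth measure, not the primary fix: the prepared statement alone is what prevents the parameter from changing the query, and it should be applied to every place the request value is used, including ORDER BY or LIMIT fragments that cannot be bound and must instead be matched against an allow-list.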