SQL Injection Vulnerability in IBM website Search Bar

Actual: The IBM search bar is vulnerable to SQL injection attacks, allowing users to inject malicious SQL code into the search input. As a result, the application returns results based on the matched keywords or strings, including files if the SQL injection is used for file search. This behavior poses a severe security risk, enabling unauthorized access to data and potentially compromising the system's integrity.

Steps to Reproduce:

Open the URL: https://www.ibm.com/us-en
Navigate to the search bar.
Enter a search query containing SQL injection payloads, such as:
1; SELECT LOAD_FILE('/etc/passwd')
Submit the search query.
Observe the search results returned by the application, including any files if applicable.

Test Data:

Search Query 1: ' OR 1=1 --
Search Query 2: 1; SELECT LOAD_FILE('/etc/passwd')
Search Query 3: 1 AND (SELECT * FROM (SELECT CONCAT(0x7170786271, (SELECT (CASE WHEN (6744=6744) THEN 1 ELSE 0 END)), 0x7176707071, 0x78))x)
Search Query 4: 1 UNION SELECT * INTO OUTFILE '/var/www/html/shell.php'
Search Query 5: admin' --
Search Query 6: 1; SELECT pg_read_file('confidential/etc/password')

The SQL injection vulnerability in the IBM search bar can be exploited by individuals with malicious intent, including hackers, cybercriminals, or other unauthorized users with knowledge of SQL injection techniques. When exploited, attackers can gain unauthorized access to sensitive data stored within the system, potentially compromising confidentiality, integrity, and availability. Specifically, they may:

Access sensitive information: Attackers can retrieve confidential data stored in databases, such as user credentials, personal information, or proprietary business data.
Manipulate data: By executing malicious SQL queries, attackers can manipulate or modify data within the system, altering records, deleting information, or inserting malicious content.
Escalate privileges: Successful exploitation of the vulnerability may allow attackers to escalate their privileges within the system, gaining administrative access or control over critical functions.
Cause system damage: Attackers can disrupt services, cause system crashes, or initiate other malicious activities that impact the availability and functionality of the IBM search bar and associated systems.
Overall, exploiting the SQL injection vulnerability can lead to severe consequences, including data breaches, financial losses, reputation damage, and legal liabilities for both affected users and the organization hosting the vulnerable application.

Expected Result: The application should properly sanitize user inputs and prevent SQL injection attacks. Specifically, it should: Reject search queries containing SQL injection payloads. Implement strict input validation and sanitization techniques to mitigate SQL injection vulnerabilities. Return an error message or empty results if a search query is detected as potentially malicious. Prevent unauthorized access to sensitive data and ensure the integrity of the system. Additionally, it's crucial to report this critical security issue to IBM's security team immediately. Providing detailed information about the vulnerability and steps to reproduce it will aid IBM's development team in investigating and addressing the issue promptly.