CVE-2020-24000

9.8 CRITICAL

📋 TL;DR

This SQL injection vulnerability in eyoucms v1.4.7 allows attackers to execute arbitrary SQL commands via the tid parameter in index.php. Attackers can potentially read, modify, or delete database content, execute system commands, and access sensitive information. All systems running the vulnerable version are affected.

💻 Affected Systems

Products:
  • eyoucms
Versions: v1.4.7
Operating Systems: All platforms running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of eyoucms v1.4.7 are vulnerable by default

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise including remote code execution, database exfiltration, and persistent backdoor installation
🟠 Likely Case: Database information disclosure, data manipulation, and potential privilege escalation
🟢 If Mitigated: Limited impact with proper input validation and database permissions

🌐 Internet-Facing: HIGH - Directly exploitable via web requests without authentication
🏢 Internal Only: HIGH - Equally exploitable from internal networks

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple SQL injection requiring minimal technical skill to exploit

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v1.4.8 or later

Vendor Advisory: https://github.com/eyoucms/eyoucms/issues/13

Restart Required: No

Instructions:

1. Back up your database and files.
2. Download the latest version from the official repository.
3. Replace the vulnerable files with the patched version.
4. Verify parameter sanitization in index.php.

🔧 Temporary Workarounds

Input Validation Filter
Platforms: all

Add parameter validation for the tid parameter before it is processed.

Add input validation in index.php before tid reaches any query. The check below rejects anything that is not an integer and handles a missing parameter without a PHP notice:
if (!isset($_GET['tid']) || filter_var($_GET['tid'], FILTER_VALIDATE_INT) === false) { die('Invalid parameter'); }

Web Application Firewall
Platforms: all

Deploy a WAF with SQL injection protection rules.

🧯 If You Can't Patch

  • Implement strict input validation for all GET/POST parameters
  • Restrict database user permissions to minimum required

🔍 How to Verify

Check if Vulnerable:

Check whether the installed version is 1.4.7 and test the tid parameter with SQL injection payloads.

Check Version:

Check the eyoucms version in the admin panel or read the version file.

Verify Fix Applied:

Verify the version is 1.4.8 or later and re-test the tid parameter with SQL injection payloads.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in logs
  • Multiple requests with SQL-like tid parameters
  • Database connection errors

Network Indicators:

  • HTTP requests with SQL injection patterns in tid parameter
  • Unusual database traffic patterns

SIEM Query:

source="web_logs" AND (tid="' OR '1'='1" OR tid LIKE "%UNION%" OR tid LIKE "%SELECT%" OR tid LIKE "%INSERT%")
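The SIEM query above can also be run offline against raw web server logs. The script below is an added example written for this page, not code from the advisory or from the eyoucms project. It assumes Apache/nginx combined-format access logs and the index.php?tid= request shape described on this page, applies the query's three conditions (quote tautology, UNION/SELECT/INSERT keywords) and, going one step further than the query, also flags any tid value that is not a plain integer, which is the rule the workaround above enforces. The log lines, IP addresses and function names are constructed for illustration.

```python
"""Flag web-log requests whose tid parameter looks like SQL injection.

Added example (not from the advisory or the eyoucms project). Applies the
page's SIEM logic (quote tautology, UNION/SELECT/INSERT keywords) plus the
stricter "tid must be an integer" rule to combined-format access log lines.
"""
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines: one legitimate request, three suspicious ones.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2020:13:55:36 +0000] "GET /index.php?m=home&c=Lists&a=index&tid=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2020:13:55:40 +0000] "GET /index.php?tid=%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 5120 "-" "curl/7.68.0"
203.0.113.9 - - [10/Oct/2020:13:55:41 +0000] "GET /index.php?tid=1%20UNION%20SELECT%201 HTTP/1.1" 500 312 "-" "curl/7.68.0"
198.51.100.7 - - [10/Oct/2020:13:56:02 +0000] "GET /index.php?tid=12abc HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

# Combined log format: client, ident, user, [timestamp], "METHOD target PROTO", status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Same keywords as the SIEM query; \b keeps "selection" or "reunion" from matching.
KEYWORD_RE = re.compile(r"\b(UNION|SELECT|INSERT)\b", re.IGNORECASE)
# The ' OR ' tautology shape from the SIEM query, tolerant of spacing.
TAUTOLOGY_RE = re.compile(r"'\s*OR\s*'", re.IGNORECASE)


def tid_values(target):
    """Return the URL-decoded tid values from a request target (path?query)."""
    query = urlsplit(target).query
    # parse_qs percent-decodes values, so %27 becomes a quote before matching.
    return parse_qs(query, keep_blank_values=True).get("tid", [])


def classify_tid(value):
    """Return the reasons a decoded tid value is suspicious (empty list = clean)."""
    reasons = []
    if TAUTOLOGY_RE.search(value):
        reasons.append("quote_tautology")
    if KEYWORD_RE.search(value):
        reasons.append("sql_keyword")
    # tid is an integer ID: anything else is malformed, matching the workaround's check.
    if not re.fullmatch(r"\d+", value):
        reasons.append("non_integer")
    return reasons


def scan_log(text):
    """Parse combined-format lines and return one alert per suspicious tid value."""
    alerts = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        for tid in tid_values(m["target"]):
            reasons = classify_tid(tid)
            if reasons:
                alerts.append({
                    "ip": m["ip"],
                    "status": int(m["status"]),
                    "tid": tid,
                    "reasons": reasons,
                })
    return alerts


if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(alert)
```

Run against the constructed sample, the script reports three alerts: the quote-tautology request, the UNION/SELECT request (note the 500 status, which corresponds to the "unusual SQL errors" log indicator above), and the malformed 12abc value; the legitimate tid=12 request produces none. Feeding real access logs through scan_log instead of SAMPLE_LOG gives a quick triage list of source addresses to correlate with database error logs.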

🔗 References
