CVE-2023-31752

9.8 CRITICAL

📋 TL;DR

CVE-2023-31752 is a critical SQL injection vulnerability in SourceCodester Employee and Visitor Gate Pass Logging System v1.0 that allows attackers to execute arbitrary SQL commands via the login.php endpoint. This affects all organizations using the vulnerable version of this gate pass logging software, potentially exposing sensitive employee and visitor data.

💻 Affected Systems

Products:
  • SourceCodester Employee and Visitor Gate Pass Logging System
Versions: v1.0
Operating Systems: Any OS running PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the default installation with no configuration changes required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise leading to data theft, authentication bypass, privilege escalation, and potential remote code execution on the database server.

🟠 Likely Case

Unauthorized access to sensitive employee and visitor records, authentication bypass, and potential data exfiltration.

🟢 If Mitigated

Limited impact with proper input validation and parameterized queries in place, though some information disclosure may still occur.

🌐 Internet-Facing: HIGH - The vulnerable endpoint is typically internet-facing for remote authentication, making it easily accessible to attackers.
🏢 Internal Only: MEDIUM - Even if not internet-facing, internal attackers or compromised internal systems could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A public proof-of-concept is available on GitHub; exploitation requires minimal technical skill because the injection vector is a simple login form field.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: No known vendor advisory

Restart Required: No

Instructions:

No official patch available. Consider implementing parameterized queries in /employee_gatepass/classes/Login.php or migrating to alternative software.

🔧 Temporary Workarounds

Web Application Firewall (WAF)

Applies to: all

Deploy a WAF with SQL injection protection rules to block malicious requests.

Input Validation Filter

Applies to: all

Implement input validation to sanitize user inputs before processing.

🧯 If You Can't Patch

  • Isolate the vulnerable system from internet access and restrict internal network access.
  • Implement strict network segmentation and monitor all traffic to/from the vulnerable endpoint.

🔍 How to Verify

Check if Vulnerable:

Test the /employee_gatepass/classes/Login.php endpoint with SQL injection payloads like ' OR '1'='1 in username/password fields.

Check Version:

Check the software version in the application interface or configuration files.

Verify Fix Applied:

Verify that parameterized queries are implemented and SQL injection payloads no longer work.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed login attempts with SQL-like payloads
  • Successful logins from unusual IP addresses

Network Indicators:

  • HTTP POST requests to login.php containing SQL keywords (UNION, SELECT, etc.)
  • Abnormal database query patterns

SIEM Query:

source="web_logs" AND uri="/employee_gatepass/classes/Login.php" AND (payload="' OR" OR payload="UNION" OR payload="SELECT")
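As an added illustration of the log and network indicators above (example code written for this page, not part of the advisory or the vendor's software), a small Python filter over constructed JSON web-log records. It URL-decodes the form body before matching, because a literal search for `' OR` in the SIEM query above misses form-encoded variants such as `%27+OR`, and it matches keywords case-insensitively. The field names `src_ip`, `method`, `uri` and `payload` are assumed; adapt them to your log schema.

```python
import json
import re
from urllib.parse import unquote_plus

# Endpoint named in the advisory; the login form posts its credentials here.
TARGET_URI = "/employee_gatepass/classes/Login.php"

# Patterns mirroring the advisory's indicators: a quote followed by a boolean
# operator, the UNION / SELECT keywords, or SQL comment markers. Matched
# case-insensitively on the URL-decoded body so "%27+oR+" is caught as well as "' OR".
SQLI_PATTERNS = [
    re.compile(r"'\s*(or|and)\b", re.IGNORECASE),
    re.compile(r"\bunion\b", re.IGNORECASE),
    re.compile(r"\bselect\b", re.IGNORECASE),
    re.compile(r"--|/\*"),
]

def is_suspicious(record: dict) -> bool:
    """True if a web-log record looks like an injection attempt on the login endpoint."""
    if record.get("method") != "POST" or record.get("uri") != TARGET_URI:
        return False
    # Form bodies arrive percent-encoded; decode before pattern matching.
    body = unquote_plus(record.get("payload", ""))
    return any(p.search(body) for p in SQLI_PATTERNS)

def scan(lines):
    """Yield (client_ip, decoded_payload) for each suspicious JSON log line."""
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # malformed line: skip it rather than abort the whole scan
        if is_suspicious(rec):
            yield rec.get("src_ip", "?"), unquote_plus(rec.get("payload", ""))

# Constructed sample records (not real traffic); one JSON object per line.
# Field names src_ip/method/uri/payload are an assumed log schema.
SAMPLE_LOG = """
{"src_ip":"10.0.0.5","method":"POST","uri":"/employee_gatepass/classes/Login.php","payload":"username=jdoe&password=Winter2023"}
{"src_ip":"203.0.113.7","method":"POST","uri":"/employee_gatepass/classes/Login.php","payload":"username=%27+oR+%271%27%3D%271&password=x"}
{"src_ip":"203.0.113.7","method":"POST","uri":"/employee_gatepass/classes/Login.php","payload":"username=admin%27+UNION+SELECT+1--&password=x"}
{"src_ip":"10.0.0.9","method":"GET","uri":"/employee_gatepass/index.php","payload":""}
"""

if __name__ == "__main__":
    for ip, payload in scan(SAMPLE_LOG.strip().splitlines()):
        print(f"ALERT {ip}: {payload}")
```

Passwords containing the literal word "select" or "--" will trigger the keyword patterns, so treat hits as triage candidates and correlate them with the failed-login and unusual-source-IP indicators listed above.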
