CVE-2023-45111

9.8 CRITICAL

📋 TL;DR

Online Examination System v1.0 contains unauthenticated SQL injection vulnerabilities in the feed.php resource's email parameter. Attackers can execute arbitrary SQL commands without authentication, potentially compromising the entire database. All deployments of this specific software version are affected.

💻 Affected Systems

Products:
  • Online Examination System
Versions: v1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation with no special configuration required.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including data theft, data manipulation, authentication bypass, and potential remote code execution via database functions.

🟠

Likely Case

Database information disclosure, credential theft, and unauthorized access to examination data and user information.

🟢

If Mitigated

Limited impact with proper input validation and database permissions, potentially only error messages or partial data exposure.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection via email parameter in feed.php requires no authentication and uses common SQL injection techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://projectworlds.in/

Restart Required: No

Instructions:

No official patch available. Consider replacing with alternative software or implementing custom fixes.

🔧 Temporary Workarounds

Input Validation and Sanitization

Applies to: all

Implement server-side validation and parameterized queries for the email parameter in feed.php.

Modify feed.php to use prepared statements with parameterized queries.

Web Application Firewall

Applies to: all

Deploy a WAF with SQL injection protection rules.

Configure the WAF to block SQL injection patterns in POST/GET parameters.

🧯 If You Can't Patch

  • Isolate the system behind a reverse proxy with strict input validation
  • Implement network segmentation and restrict database access to minimum required connections

🔍 How to Verify

Check if Vulnerable:

Test feed.php endpoint with SQL injection payloads in email parameter (e.g., email=test' OR '1'='1)

Check Version:

Check software version in admin panel or configuration files

Verify Fix Applied:

Verify that parameterized queries are implemented and that SQL injection attempts are rejected with proper error handling.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple failed login attempts from a single IP
  • Database query patterns with SQL keywords in email parameter

Network Indicators:

  • HTTP requests to feed.php with SQL injection patterns in parameters
  • Unusual database connection patterns

SIEM Query:

source="web_logs" AND uri="/feed.php" AND (param="email" AND value MATCH "[';]|OR|UNION|SELECT")
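As an added example (not part of this advisory or the product), the SIEM query above implemented as a Python check over constructed sample access-log lines, showing why the match must run on the URL-decoded email value rather than the raw URI. The combined log format, the sample IPs and the word-boundary/case-insensitive refinements of the pattern are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not real traffic:
# a benign request, two injection attempts (one raw, one URL-encoded) and one
# attempt against a different resource, which this rule is not meant to flag.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:12:00:01 +0000] "GET /feed.php?email=alice%40example.com HTTP/1.1" 200 512
203.0.113.7 - - [10/Oct/2023:12:00:02 +0000] "GET /feed.php?email=test'+OR+'1'%3D'1 HTTP/1.1" 200 1840
203.0.113.9 - - [10/Oct/2023:12:00:03 +0000] "GET /feed.php?email=x%27%20UNION%20SELECT%201%2C2%2C3--+ HTTP/1.1" 500 233
203.0.113.5 - - [10/Oct/2023:12:00:04 +0000] "GET /index.php?email=test'+OR+'1'%3D'1 HTTP/1.1" 200 300
"""

# Client IP, identity, user, timestamp, request line, status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})'
)
# Same character class and keywords as the SIEM query above, applied to the
# URL-decoded value, with word boundaries (so "victoria@example.com" is not a
# hit) and case-insensitive ("union select" is as dangerous as "UNION SELECT").
SQLI_RE = re.compile(r"[';]|\b(?:or|union|select)\b", re.IGNORECASE)


def find_sqli_hits(log_text):
    """Return one dict per request to /feed.php whose decoded email parameter
    matches SQLI_RE. Decoding first matters: the raw request line of an
    encoded payload contains no quote, so a substring rule on the URI misses it."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("uri"))
        if parts.path != "/feed.php":
            continue
        # parse_qs percent-decodes every value and turns '+' into spaces.
        for value in parse_qs(parts.query).get("email", []):
            if SQLI_RE.search(value):
                hits.append({
                    "ip": m.group("ip"),
                    "timestamp": m.group("ts"),
                    "email": value,
                    "status": int(m.group("status")),
                    # A 5xx next to an injection pattern often means the SQL ran and errored.
                    "server_error": m.group("status").startswith("5"),
                })
    return hits
```

Correlate `server_error` hits with the SQL-error log indicators listed above; a 5xx on an injected request is the stronger signal.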

🔗 References