CVE-2023-48720

9.8 CRITICAL

📋 TL;DR

CVE-2023-48720 is an unauthenticated SQL injection vulnerability in Student Result Management System v1.0's login.php page. Attackers can execute arbitrary SQL commands without credentials, potentially compromising the entire database. All deployments of this specific software version are affected.

💻 Affected Systems

Products:
  • Student Result Management System
Versions: v1.0
Operating Systems: Any OS running PHP and MySQL/MariaDB
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of v1.0 regardless of configuration. Requires PHP and database backend.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data manipulation, authentication bypass, and potential remote code execution on the database server.

🟠 Likely Case

Database information disclosure, credential theft, and unauthorized access to student records and administrative functions.

🟢 If Mitigated

Limited impact with proper input validation and database permissions, though system availability could still be affected.

🌐 Internet-Facing: HIGH - The vulnerability is in a login page typically exposed to the internet, allowing remote exploitation.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit this, but external threat is higher due to internet exposure.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection in the login page is trivial to exploit with basic SQL knowledge. Public advisories provide technical details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: No official vendor advisory found

Restart Required: No

Instructions:

No official patch available. Consider replacing with secure alternative software or implementing workarounds.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries

all

Modify login.php to validate the password parameter and pass it to the database through prepared statements

Replace raw SQL queries with PDO or mysqli prepared statements in login.php

Web Application Firewall (WAF)

all

Deploy WAF to block SQL injection patterns

Configure WAF rules to block SQL injection attempts on login.php

🧯 If You Can't Patch

  • Isolate the system behind a firewall with strict access controls
  • Implement network segmentation to limit database server exposure

🔍 How to Verify

Check if Vulnerable:

Test login.php with SQL injection payloads such as ' OR '1'='1 in the password field

Check Version:

Check software version in admin panel or configuration files

Verify Fix Applied:

Verify prepared statements are used and SQL injection attempts are properly rejected

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple failed login attempts with SQL patterns

Network Indicators:

  • SQL keywords in HTTP POST requests to login.php
  • Unusual database query patterns

SIEM Query:

source="web_logs" AND uri="/login.php" AND (request_body LIKE "%OR%" OR request_body LIKE "%UNION%" OR request_body LIKE "%SELECT%")
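
A triage sketch for the SIEM query above, added here as an example and not part of the original advisory or the product's code. It assumes the SIEM's LIKE match is case-insensitive and that POST bodies are logged URL-encoded; the sample records, function names and regex are constructed for illustration.

```python
import re
from urllib.parse import parse_qs

# Constructed sample records (path, raw POST body); not taken from a real log.
SAMPLE_REQUESTS = [
    ("/login.php", "username=admin&password=Gregor1987"),
    ("/login.php", "username=bob&password=selection+board"),
    ("/login.php", "username=admin&password=%27+OR+%271%27%3D%271"),
    ("/login.php", "username=admin&password=%27or%271%27%3D%271"),
    ("/index.php", "q=union+select"),
]

KEYWORDS = ("OR", "UNION", "SELECT")  # the three keywords in the SIEM query

# Token-aware patterns applied to the decoded password value only.
SQLI = re.compile(
    r"""'\s*(?:or|and)\b                  # quote break-out, then a boolean operator
      | \bunion\s+(?:all\s+)?select\b     # UNION SELECT as whole words
    """,
    re.IGNORECASE | re.VERBOSE,
)

def naive_match(path, body):
    """LIKE '%KEYWORD%' modelled as a case-insensitive substring test on the raw body."""
    return path == "/login.php" and any(k in body.upper() for k in KEYWORDS)

def refined_match(path, body):
    """URL-decode the form body and test only the password value."""
    if path != "/login.php":
        return False
    values = parse_qs(body, keep_blank_values=True).get("password", [])
    return any(SQLI.search(v) is not None for v in values)

def triage(requests):
    """Return (naive_hits, refined_hits) as lists of record indexes."""
    naive = [i for i, (p, b) in enumerate(requests) if naive_match(p, b)]
    refined = [i for i, (p, b) in enumerate(requests) if refined_match(p, b)]
    return naive, refined

if __name__ == "__main__":
    naive_hits, refined_hits = triage(SAMPLE_REQUESTS)
    print("naive substring filter:", naive_hits)
    print("decoded password filter:", refined_hits)
```

Under a case-insensitive match the substring filter fires on every login POST, because the field name "password" itself contains "or"; decoding the body and matching on word boundaries in the password value leaves only the injection-shaped records.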
