Login Sign Up

CVE-2024-0359

7.3 HIGH
SQL Injection Authentication Bypass

📋 TL;DR

This critical SQL injection vulnerability in Simple Online Hotel Reservation System 1.0 allows attackers to manipulate database queries through the login form. Attackers can potentially bypass authentication, extract sensitive data, or execute arbitrary SQL commands. Any organization using this vulnerable version is affected.

💻 Affected Systems

Products:
  • Simple Online Hotel Reservation System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the login.php file specifically. Any deployment using the default code is vulnerable.

📦 What is this software?

Simple Online Hotel Reservation System by Code Projects

View all CVEs affecting Simple Online Hotel Reservation System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including credential theft, data exfiltration, and potential remote code execution if database permissions allow.

🟠

Likely Case

Authentication bypass leading to unauthorized system access, followed by data extraction and potential privilege escalation.

🟢

If Mitigated

Limited impact with proper input validation and database permissions, potentially only error messages or failed login attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit documentation exists. SQL injection in login forms is commonly weaponized due to high value.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None found

Restart Required: No

Instructions:

No official patch available. Consider replacing with secure software or implementing custom fixes.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries

all

Modify login.php to use prepared statements and validate/sanitize username/password inputs

Replace raw SQL queries with parameterized queries using PDO or mysqli prepared statements

Web Application Firewall (WAF)

all

Deploy WAF rules to block SQL injection patterns in login requests

Configure WAF to block requests containing SQL keywords in login parameters

🧯 If You Can't Patch

  • Isolate the system behind a reverse proxy with strict input filtering
  • Implement network segmentation and restrict database access from application server

🔍 How to Verify

Check if Vulnerable:

Test login form with SQL injection payloads like ' OR '1'='1 in username/password fields

Check Version:

Check system documentation or source code for version information

Verify Fix Applied:

Attempt SQL injection tests and verify they fail without affecting legitimate logins

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts with SQL keywords
  • Unusual database query patterns from application

Network Indicators:

  • HTTP POST requests to login.php containing SQL injection patterns

SIEM Query:

source="web_logs" AND uri="/login.php" AND (request_body CONTAINS "' OR" OR request_body CONTAINS "UNION SELECT" OR request_body CONTAINS "--")

📊 Metadata

CVE ID: CVE-2024-0359
CVSS v3 Score: 7.3 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-89
Published: January 10, 2024
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-0359, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)