CVE-2024-10159

7.3 HIGH

📋 TL;DR

This high-severity (CVSS 7.3) SQL injection vulnerability in PHPGurukul Boat Booking System 1.0 lets a remote attacker with access to the admin panel manipulate database queries through /admin/profile.php. Injected SQL can read, modify, or delete data in the application's database. All installations of version 1.0 whose /admin/ directory is reachable are affected.

💻 Affected Systems

Products:
  • PHPGurukul Boat Booking System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation. The sadminusername, fullname, emailid, and mobilenumber parameters of /admin/profile.php are affected.

📦 What is this software?

PHPGurukul Boat Booking System is a small PHP/MySQL web application from phpgurukul.com for taking boat bookings online. It ships with a customer-facing site and an /admin/ panel; the admin profile page is the affected component.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, authentication bypass, and privilege escalation; remote code execution becomes possible where the database account holds file-write privileges (for example MySQL FILE / SELECT ... INTO OUTFILE into a web-served directory).

🟠

Likely Case

Unauthorized access to sensitive user and booking data and theft of administrative credentials, with system takeover as a follow-on step.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and network segmentation in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires authentication to access /admin/profile.php. Public proof-of-concept available on GitHub.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://phpgurukul.com/

Restart Required: No

Instructions:

No official patch is known. Replace the string-built SQL in /admin/profile.php with prepared statements (mysqli or PDO with bound parameters) so that request values are passed as data, never concatenated into query text. Add server-side validation of the four fields (e.g. mobilenumber digits only, emailid a valid address) as defense in depth, not as the primary fix.
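The following is an added example, not PHPGurukul's code, that places the vulnerable string-concatenation pattern next to a prepared-statement fix and runs a constructed payload through both. The table name tbladmin and the id column are assumptions chosen to match the parameter names in this advisory; an in-memory SQLite database via PDO (pdo_sqlite) stands in for MySQL so the script runs offline.

```php
<?php
// Added example (not PHPGurukul code). Table "tbladmin" and column "id" are
// hypothetical; SQLite in-memory via PDO replaces MySQL so this runs offline.
declare(strict_types=1);

function freshDb(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE tbladmin (id INTEGER PRIMARY KEY, sadminusername TEXT,
               fullname TEXT, emailid TEXT, mobilenumber TEXT)');
    $db->exec("INSERT INTO tbladmin VALUES (1, 'admin', 'Site Admin', 'admin@example.com', '1234567890')");
    $db->exec("INSERT INTO tbladmin VALUES (2, 'ops',   'Ops User',   'ops@example.com',   '2345678901')");
    return $db;
}

// VULNERABLE: request values are interpolated straight into the SQL text, so a
// quote in any field terminates the literal and lets the caller rewrite the query.
function updateProfileVulnerable(PDO $db, int $id, array $p): void
{
    $sql = "UPDATE tbladmin SET sadminusername='{$p['sadminusername']}', fullname='{$p['fullname']}', "
         . "emailid='{$p['emailid']}', mobilenumber='{$p['mobilenumber']}' WHERE id=$id";
    $db->exec($sql);
}

// FIXED: the statement text is fixed at prepare() time; values are bound
// separately and are only ever data, never SQL syntax.
function updateProfileSafe(PDO $db, int $id, array $p): void
{
    $stmt = $db->prepare('UPDATE tbladmin SET sadminusername = :u, fullname = :f,
                          emailid = :e, mobilenumber = :m WHERE id = :id');
    $stmt->execute([
        ':u' => $p['sadminusername'], ':f' => $p['fullname'],
        ':e' => $p['emailid'],        ':m' => $p['mobilenumber'],
        ':id' => $id,
    ]);
}

function snapshot(PDO $db): array
{
    return $db->query('SELECT id, emailid, mobilenumber FROM tbladmin ORDER BY id')
              ->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed attacker input: mobilenumber closes the string literal, then "--"
// comments out the WHERE clause, so the UPDATE hits EVERY admin row (for example
// pointing every account's password-reset e-mail at the attacker).
$malicious = [
    'sadminusername' => 'admin',
    'fullname'       => 'Site Admin',
    'emailid'        => 'attacker@evil.example',
    'mobilenumber'   => "0' WHERE 1=1 -- ",
];

$db = freshDb();
updateProfileVulnerable($db, 1, $malicious);
print_r(snapshot($db));   // both rows now carry attacker@evil.example

$db = freshDb();
updateProfileSafe($db, 1, $malicious);
print_r(snapshot($db));   // only row 1 changed; its mobilenumber is the literal string "0' WHERE 1=1 -- "
```

The second snapshot is the behaviour to look for when verifying a fix: the injected string is stored verbatim as data and no other row is touched. Swapping the PDO DSN for a MySQL one changes nothing in the two update functions.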

🔧 Temporary Workarounds

Input Validation and Sanitization (platform: all)

Add server-side validation for every profile.php field (mobilenumber digits only, emailid a syntactically valid address, length limits on fullname and sadminusername). This narrows the attack surface but does not substitute for parameterized queries.

Web Application Firewall Rules (platform: all)

Deploy WAF rules that block SQL injection patterns in requests to /admin/profile.php. Treat this as a stopgap: keyword-based rules are routinely bypassed with encoding and comment tricks.

🧯 If You Can't Patch

  • Restrict access to /admin/ directory to trusted IP addresses only
  • Disable or remove the Boat Booking System if not essential

🔍 How to Verify

Check if Vulnerable:

On an instance you are authorized to test, log in to the admin panel and submit a profile update with a single quote (') in sadminusername, fullname, emailid, or mobilenumber. A database error, or a time-based payload that delays the response, confirms the input reaches the query unescaped. Check the stored value afterwards: an unpatched 1.0 install executes the injected fragment rather than storing it.

Check Version:

Check system documentation or configuration files for version information

Verify Fix Applied:

Confirm that /admin/profile.php builds its UPDATE with prepared statements and bound parameters. Functionally, a quote or SQL fragment submitted in any field must be saved verbatim as the field's value, with no database error and no effect on other rows; prepared statements treat it as data rather than rejecting it.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL statements in application or MySQL general/slow query logs (quotes followed by OR/UNION, comment sequences such as -- or /*)
  • Multiple failed login attempts to /admin/ (the exploit needs an authenticated session first)
  • PHP error-log entries or page output containing database error messages with SQL syntax

Network Indicators:

  • HTTP POST requests to /admin/profile.php with SQL keywords in parameters (note that default web-server access logs do not record POST bodies, so this needs a WAF audit log, a reverse proxy that logs bodies, or application-level request logging)
  • Unusual database connection patterns or query volume from the web tier

SIEM Query:

source="web_logs" AND uri="/admin/profile.php" AND (param="sadminusername" OR param="fullname" OR param="emailid" OR param="mobilenumber") AND (content="UNION" OR content="SELECT" OR content="INSERT" OR content="DELETE")

This is a pseudo-query; adapt the field names to your SIEM. URL-decode parameter values before matching (double encoding such as %2527 is a common evasion) and expect false positives from bare keywords, since a full name or e-mail address can legitimately contain "select" or "union". Matching a quote or comment sequence adjacent to the keyword is far more specific.
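The following added example (not part of this advisory or the product) implements the detection logic described above as a small PHP scanner: it normalizes logged parameter values by repeated URL-decoding and comment stripping, then flags structural injection shapes rather than bare keywords. The request records and the log source it assumes (an application-level or WAF log that captures POST parameters) are constructed for the example.

```php
<?php
// Added example (not part of the advisory or PHPGurukul). Scans constructed
// request records for SQL injection shapes targeting /admin/profile.php.
declare(strict_types=1);

const WATCHED_URI    = '/admin/profile.php';
const WATCHED_PARAMS = ['sadminusername', 'fullname', 'emailid', 'mobilenumber'];

// Structural patterns: a quote before a keyword, a comment tail, a tautology,
// a timing function, or UNION SELECT. A bare "select" or "union" in a name or
// e-mail address does not match any of these.
const SQLI_PATTERNS = [
    'quote_then_sql' => '/[\'"]\s*(or|and|union|where|select|insert|update|delete)\b/i',
    'comment_tail'   => '/(--|#|\/\*)/',
    'tautology'      => '/\b(or|and)\b\s*[\'"]?\w*[\'"]?\s*=\s*[\'"]?\w*[\'"]?/i',
    'time_based'     => '/\b(sleep|benchmark|pg_sleep|waitfor)\s*\(/i',
    'union_select'   => '/\bunion\b\s+(all\s+)?select\b/i',
];

// Decode repeatedly to defeat double encoding (%2527 -> %27 -> '), treat closed
// inline comments as whitespace (MySQL does the same), collapse whitespace.
function normalise(string $v): string
{
    $prev = null;
    for ($i = 0; $i < 3 && $v !== $prev; $i++) {
        $prev = $v;
        $v = urldecode($v);
    }
    $v = preg_replace('/\/\*.*?\*\//s', ' ', $v);
    return trim(preg_replace('/\s+/', ' ', strtolower($v)));
}

// Returns one hit per (parameter, rule) pair; an empty array means no alert.
function scanRequest(array $req): array
{
    $hits = [];
    if ($req['uri'] !== WATCHED_URI) {
        return $hits;
    }
    foreach (WATCHED_PARAMS as $name) {
        if (!isset($req['params'][$name])) {
            continue;
        }
        $value = normalise((string) $req['params'][$name]);
        foreach (SQLI_PATTERNS as $label => $re) {
            if (preg_match($re, $value)) {
                $hits[] = ['src' => $req['src'], 'param' => $name, 'rule' => $label, 'value' => $value];
            }
        }
    }
    return $hits;
}

// Constructed sample records (not real traffic).
$requests = [
    // benign: ordinary values, keyword-like text in a name must stay silent
    ['src' => '10.0.0.5', 'uri' => WATCHED_URI, 'params' => [
        'sadminusername' => 'admin', 'fullname' => 'Selecta Union',
        'emailid' => 'admin@example.com', 'mobilenumber' => '1234567890']],
    // double-URL-encoded tautology with comment tail
    ['src' => '203.0.113.9', 'uri' => WATCHED_URI, 'params' => [
        'sadminusername' => 'admin%2527%2520OR%25201%253D1--%2520', 'fullname' => 'x']],
    // time-based blind probe in the e-mail field
    ['src' => '198.51.100.7', 'uri' => WATCHED_URI, 'params' => [
        'emailid' => "a@b.example' AND SLEEP(5)-- "]],
    // same payload against a different page: outside this rule's scope
    ['src' => '198.51.100.7', 'uri' => '/admin/index.php', 'params' => [
        'emailid' => "a@b.example' AND SLEEP(5)-- "]],
];

foreach ($requests as $req) {
    foreach (scanRequest($req) as $h) {
        printf("ALERT %-14s %-15s %-15s %s\n", $h['src'], $h['param'], $h['rule'], $h['value']);
    }
}
```

Expected behaviour: the first and last records produce nothing; the second fires quote_then_sql, comment_tail and tautology on sadminusername; the third fires quote_then_sql, comment_tail and time_based on emailid. The '#' comment rule is the noisiest of the set and is the first to relax if legitimate names in your tenant contain it.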
