CVE-2024-11077 – This critical SQL injection vulnerability in Jo... (How to Fix)

Q: What is the severity of CVE-2024-11077?

CVE-2024-11077 has a CVSS score of 7.3 (HIGH). This critical SQL injection vulnerability in Job Recruitment 1.0 allows attackers to manipulate database queries through the email parameter in /index.php. Attackers can potentially read, modify, or delete database contents remotely. All users running Job Recruitment 1.0 are affected.

📋 TL;DR

This critical SQL injection vulnerability in Job Recruitment 1.0 allows attackers to manipulate database queries through the email parameter in /index.php. Attackers can potentially read, modify, or delete database contents remotely. All users running Job Recruitment 1.0 are affected.

💻 Affected Systems

Products:

Job Recruitment

Versions: 1.0

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: All installations of version 1.0 are vulnerable. No specific configuration required for exploitation.

📦 What is this software?

Job Recruitment by Anisha

View all CVEs affecting Job Recruitment →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including credential theft, data destruction, and potential remote code execution via database functions

🟠

Likely Case

Data exfiltration of user information, job postings, and administrative credentials

🟢

If Mitigated

Limited impact with proper input validation and database permissions restricting damage to non-sensitive data

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Public exploit available on GitHub. SQL injection via email parameter requires minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

No official patch available. Consider migrating to alternative software or implementing workarounds.

🔧 Temporary Workarounds

Input Validation Filter

all

Add server-side validation to sanitize email parameter input

Modify /index.php to validate email format and escape SQL special characters

Web Application Firewall Rule

all

Block SQL injection patterns in email parameter

Add WAF rule to detect and block SQL injection attempts in POST/GET parameters

🧯 If You Can't Patch

Implement network segmentation to isolate Job Recruitment system from critical infrastructure
Enable detailed logging of all database queries and monitor for suspicious patterns

🔍 How to Verify

Check if Vulnerable:

Test email parameter with SQL injection payloads like ' OR '1'='1

Check Version:

Check software version in admin panel or configuration files

Verify Fix Applied:

Test with same payloads to ensure proper input validation and error handling

📡 Detection & Monitoring

Log Indicators:

Unusual database queries from web server
SQL syntax errors in application logs
Multiple failed login attempts with SQL patterns

Network Indicators:

HTTP requests with SQL keywords in email parameter
Unusual database connection patterns

SIEM Query:

source="web_logs" AND (email="*' OR*" OR email="*UNION*" OR email="*SELECT*" OR email="*INSERT*")

📊 Metadata

CVE ID: CVE-2024-11077

CVSS v3 Score: 7.3 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-74

Published: November 11, 2024

Last Updated: November 14, 2024

🔗 References

https://code-projects.org/ Product
https://github.com/UnrealdDei/cve/blob/main/sql3.md Exploit,Third Party Advisory
https://vuldb.com/?ctiid.283872 Permissions Required,VDB Entry
https://vuldb.com/?id.283872 Permissions Required,VDB Entry
https://vuldb.com/?submit.441184 Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-11077, you might also want to check these: