CVE-2024-12229

7.3 HIGH

📋 TL;DR

This critical SQL injection vulnerability in PHPGurukul Complaint Management System 1.0 allows attackers to execute arbitrary SQL commands through the search parameter in /admin/complaint-search.php. Attackers can potentially access, modify, or delete database content, including sensitive complaint data and user credentials. All deployments of version 1.0 with the vulnerable file accessible are affected.

💻 Affected Systems

Products:
  • PHPGurukul Complaint Management System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the /admin/complaint-search.php file to be accessible, which is part of standard installation.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise leading to data theft, data destruction, authentication bypass, and potential server takeover via SQL injection to RCE chaining.

🟠 Likely Case: Unauthorized access to sensitive complaint data, user information extraction, and potential privilege escalation within the application.

🟢 If Mitigated: Limited impact with proper input validation, WAF protection, and database permission restrictions preventing data modification.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires admin access to reach the vulnerable endpoint, but SQL injection payloads are simple and well-documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://phpgurukul.com/

Restart Required: No

Instructions:

No official patch available. Consider implementing input validation and parameterized queries manually or migrating to a supported alternative.

🔧 Temporary Workarounds

Input Validation and Sanitization

Platform: all

Add server-side validation to sanitize the search parameter before processing SQL queries.

Modify /admin/complaint-search.php to implement prepared statements with parameterized queries
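The following is an added example of what a prepared-statement rewrite of the search handler can look like; it is not PHPGurukul's code, and the table name tblcomplaints, its columns and the database credentials are placeholders chosen for illustration. The parameter name "search" and the POST method are the ones this advisory names.

```php
<?php
// Added example (not PHPGurukul code): a hardened search handler that uses
// mysqli prepared statements instead of building SQL from the raw parameter.
// Schema names (tblcomplaints and its columns) and credentials are assumptions.

function validateSearchTerm(string $raw): ?string {
    $term = trim($raw);
    // Reject empty and overly long input before it reaches the database layer.
    if ($term === '' || mb_strlen($term) > 100) {
        return null;
    }
    return $term;
}

function searchComplaints(mysqli $db, string $term): array {
    // The placeholders (?) are bound as data, so the server never parses
    // $term as SQL, whatever quotes or keywords it contains.
    $sql = 'SELECT id, complaintNumber, category, status, regDate
            FROM tblcomplaints
            WHERE complaintNumber = ? OR category LIKE ?';
    $stmt = $db->prepare($sql);
    if ($stmt === false) {
        // Log the driver error server-side; never echo $db->error to the client.
        error_log('complaint search prepare failed: ' . $db->error);
        throw new RuntimeException('search unavailable');
    }
    // Escape LIKE metacharacters so a literal % or _ in the input matches literally.
    $like = '%' . addcslashes($term, '%_\\') . '%';
    $stmt->bind_param('ss', $term, $like);
    $stmt->execute();
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
    $stmt->close();
    return $rows;
}

// Request handling (hypothetical): the page reads the "search" POST parameter.
$db = new mysqli('localhost', 'cms_user', 'cms_password', 'cmsdb'); // placeholder credentials
if ($db->connect_error) {
    http_response_code(500);
    exit('Database unavailable');
}

$term = validateSearchTerm($_POST['search'] ?? '');
if ($term === null) {
    http_response_code(400);
    exit('Invalid search term');
}

foreach (searchComplaints($db, $term) as $row) {
    // Encode output so result rendering does not introduce a second bug class (XSS).
    echo htmlspecialchars($row['complaintNumber'], ENT_QUOTES, 'UTF-8'), ' - ',
         htmlspecialchars($row['status'], ENT_QUOTES, 'UTF-8'), "\n";
}
```

Two design points: the length check is defence in depth, not the fix; binding the value is what removes the injection, and it also means the "database error" verification step in this advisory will no longer trigger because the input is never interpreted as SQL. Pair this with a database account for the application that lacks DROP, ALTER and FILE privileges so that any remaining bug cannot escalate to data destruction or server takeover.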

Access Restriction

Platform: linux

Restrict access to the vulnerable admin endpoint using IP whitelisting or additional authentication layers.

Add .htaccess rules in the admin directory to limit access to specific IPs, for example: Require ip 192.168.1.0/24 (Apache 2.4 syntax; 192.168.1.0/24 is an example range, replace it with the administrators' actual addresses and confirm that AllowOverride permits .htaccess for that directory).

🧯 If You Can't Patch

  • Implement a Web Application Firewall (WAF) with SQL injection rules to block malicious requests.
  • Disable or remove the /admin/complaint-search.php file if functionality is not required.

🔍 How to Verify

Check if Vulnerable:

Test the search parameter in /admin/complaint-search.php with SQL injection payloads like ' OR '1'='1 and observe database errors or unexpected results.

Check Version:

Check the software version in the application interface or configuration files, typically in about.php or readme files.

Verify Fix Applied:

After implementing fixes, retest with SQL injection payloads to confirm they are properly rejected or sanitized without database errors.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed login attempts followed by access to /admin/complaint-search.php
  • Suspicious search parameters containing SQL keywords like UNION, SELECT, OR

Network Indicators:

  • HTTP POST requests to /admin/complaint-search.php with SQL injection patterns in parameters
  • Unusual database query patterns from the application server

SIEM Query:

source="web_logs" AND uri_path="/admin/complaint-search.php" AND (param="search" AND value MATCHES "(?i)(\bunion\b|\bselect\b|\bor\b|\band\b|'|--|#)")

This is a pseudo-query; adapt it to your SIEM's syntax. The \b word boundaries keep the short keywords OR and AND from matching inside ordinary words such as "for" or "brand", which the unanchored pattern would flag as false positives.
