CVE-2024-1831

7.3 HIGH

📋 TL;DR

This is a critical SQL injection vulnerability in SourceCodester Complete File Management System 1.0 that allows attackers to bypass authentication via the login form. By injecting malicious SQL payloads into the username field, attackers can gain unauthorized access to the system. All installations of version 1.0 are affected.

💻 Affected Systems

Products:
  • SourceCodester Complete File Management System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation with no special configuration required.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise including data theft, privilege escalation, and potential remote code execution through further exploitation.

🟠 Likely Case: Unauthorized access to the file management system leading to data exposure, file manipulation, and potential lateral movement within the network.

🟢 If Mitigated: Limited to failed login attempts if proper input validation and WAF rules are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit requires no authentication and uses simple SQL injection payloads that can be automated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries (applies to: all)

Modify users/index.php to implement proper input validation and use parameterized queries for SQL statements.

Step: Edit users/index.php to replace raw SQL queries with prepared statements.
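Added example of the change this workaround asks for, written here for the advisory rather than taken from SourceCodester Complete File Management System. It assumes the login handler in users/index.php reads $_POST['username'] and $_POST['password'], holds a mysqli connection in $conn (with the mysqlnd driver, so get_result() is available), and keeps password_hash() values in a users table with columns id, username and password; every one of those names is an assumption, not something the advisory states. The first function shows the string-concatenation pattern to look for and remove; the second is the prepared-statement replacement.

```php
<?php
// Added example, not the project's own code. Assumed: users/index.php posts
// 'username' and 'password', $conn is a mysqli connection (mysqlnd driver),
// and table `users` has columns id, username, password (password_hash() output).

declare(strict_types=1);

/**
 * The pattern to remove: user input is concatenated into the SQL text, so a
 * quote inside the username ends the string literal and the remainder of the
 * field is parsed as SQL. Any row the rewritten query returns is treated as
 * the logged-in user.
 */
function login_vulnerable(mysqli $conn, string $username, string $password): ?array
{
    $sql = "SELECT id, username, password FROM users WHERE username = '$username'";
    $result = $conn->query($sql);
    $row = $result ? $result->fetch_assoc() : null;
    return $row ?: null;
}

/**
 * The hardened form: the query text and the parameter travel separately, so
 * the username is always bound as data and can never alter the statement.
 * Returns the user row (without the hash) on success, null on any failure,
 * and does not reveal which of username/password was wrong.
 */
function login_hardened(mysqli $conn, string $username, string $password): ?array
{
    // Cheap input validation: empty or oversized fields are rejected before
    // the database is touched, which also bounds what ends up in the logs.
    if ($username === '' || strlen($username) > 64 || $password === '') {
        return null;
    }

    $stmt = $conn->prepare('SELECT id, username, password FROM users WHERE username = ? LIMIT 1');
    if ($stmt === false) {
        error_log('login: prepare failed: ' . $conn->error);
        return null;
    }
    $stmt->bind_param('s', $username);   // 's' = bind as a string value
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();

    // password_verify() performs a constant-time comparison against the stored hash.
    if (!is_array($row) || !password_verify($password, $row['password'])) {
        return null;
    }
    unset($row['password']);
    return $row;
}

// Usage in the request handler (assumed wiring for users/index.php):
// $user = login_hardened($conn, (string)($_POST['username'] ?? ''), (string)($_POST['password'] ?? ''));
// if ($user === null) { http_response_code(401); exit('Invalid username or password.'); }
// $_SESSION['user_id'] = $user['id'];
```

When applying this to a real install, search users/index.php (and any included query helpers) for every place a $_POST or $_GET value is interpolated into a query string, not only the login statement; the same concatenation pattern elsewhere in the application carries the same risk.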

Web Application Firewall Rules (applies to: all)

Implement WAF rules to block SQL injection patterns in login requests.

Step: Add WAF rule: Detect and block requests containing SQL injection patterns like 'or '1'='1'

🧯 If You Can't Patch

  • Isolate the system from the internet and restrict access to trusted networks only.
  • Implement strict network segmentation and monitor all access to the vulnerable endpoint.

🔍 How to Verify

Check if Vulnerable:

Attempt to log in with the payload torada' or '1'='1' -- - in the username field. If the login succeeds without valid credentials, the system is vulnerable.

Check Version:

Check the system version in admin panel or review source code for version markers.

Verify Fix Applied:

Attempt the same SQL injection payload. The login should fail with proper error handling.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts with SQL patterns in username field
  • Successful logins from unusual IP addresses with SQL patterns in requests

Network Indicators:

  • HTTP POST requests to /users/index.php whose form fields contain SQL injection tokens such as 'or', '--' and '='

SIEM Query:

source="web_logs" AND (uri="/users/index.php" OR uri="/login") AND (request_body CONTAINS "'or'" OR request_body CONTAINS "--" OR request_body CONTAINS "'='")
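The SIEM query above matches raw substrings, so it misses the same payload once the browser form-encodes it (the quote becomes %27, spaces become +) or an upper-case OR is used. The following added example, not part of the original advisory, applies the page's log and network indicators in PHP (the language of the affected application) to constructed JSON-lines web log records with the fields ts, src_ip, method, uri, status and request_body; that record format, the field names, and the use of a 302 redirect as the sign of a successful login are all assumptions. It decodes the form body first, then flags login POSTs whose username field carries a quote followed by OR/AND, a comment sequence, or a '1'='1' style tautology, and groups the hits by source address.

```php
<?php
// Added example, not from the advisory or the vendor. Assumed log format:
// one JSON object per line with ts, src_ip, method, uri, status, request_body.

declare(strict_types=1);

const LOGIN_URIS = ['/users/index.php', '/login'];

// Decode the form body the way the application would, then fold case, so the
// match sees the same bytes the SQL engine would have seen.
function extract_username(string $body): string
{
    parse_str($body, $fields);
    return strtolower((string)($fields['username'] ?? ''));
}

// Indicators from the advisory: a quote followed by a boolean operator,
// an SQL comment sequence, or a quoted tautology such as '1'='1'.
function is_injection_attempt(string $username): bool
{
    return (bool) preg_match('/\'\s*(or|and)\b|--|#|\'\s*=\s*\'/', $username);
}

// Returns hits grouped by source IP: [ip => [ [ts, status, username, succeeded], ... ]]
function scan_log(string $jsonl): array
{
    $hits = [];
    foreach (preg_split('/\R/', trim($jsonl)) as $line) {
        $rec = json_decode($line, true);
        if (!is_array($rec)
            || ($rec['method'] ?? '') !== 'POST'
            || !in_array($rec['uri'] ?? '', LOGIN_URIS, true)) {
            continue;
        }
        $user = extract_username((string)($rec['request_body'] ?? ''));
        if (is_injection_attempt($user)) {
            $hits[$rec['src_ip']][] = [
                'ts'        => $rec['ts'],
                'status'    => (int)$rec['status'],
                'username'  => $user,
                // Assumed: the app redirects (302) after a successful login.
                'succeeded' => (int)$rec['status'] === 302,
            ];
        }
    }
    return $hits;
}

// Constructed sample: a normal login, the advisory's test payload form-encoded,
// the same payload upper-cased (a plain CONTAINS "'or'" query misses both),
// and a GET that must be ignored.
$sample = <<<'LOG'
{"ts":"2024-02-25T10:00:01Z","src_ip":"203.0.113.7","method":"POST","uri":"/users/index.php","status":302,"request_body":"username=alice&password=secret"}
{"ts":"2024-02-25T10:00:05Z","src_ip":"198.51.100.9","method":"POST","uri":"/users/index.php","status":200,"request_body":"username=torada%27+or+%271%27%3D%271%27+--+-&password=x"}
{"ts":"2024-02-25T10:00:06Z","src_ip":"198.51.100.9","method":"POST","uri":"/login","status":302,"request_body":"username=TORADA%27+OR+%271%27%3D%271%27+--+-&password=x"}
{"ts":"2024-02-25T10:00:09Z","src_ip":"203.0.113.7","method":"GET","uri":"/users/index.php","status":200,"request_body":""}
LOG;

foreach (scan_log($sample) as $ip => $events) {
    printf("%s: %d injection-style login attempt(s)\n", $ip, count($events));
    foreach ($events as $e) {
        printf("  %s status=%d succeeded=%s username=%s\n",
            $e['ts'], $e['status'], $e['succeeded'] ? 'yes' : 'no', $e['username']);
    }
}
```

Run with `php detect_login_sqli.php` (any filename works); on the constructed sample only 198.51.100.9 is reported, with two attempts, the second of which is marked as an apparent success. The succeeded flag is the event worth paging on: a failed attempt is noise, a 302 after an injected username means the authentication bypass worked and the session that follows should be investigated.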
