CVE-2024-31010

7.5 HIGH

📋 TL;DR

This SQL injection vulnerability in SEMCMS v4.8 allows remote attackers to extract sensitive information from the database by manipulating the ID parameter in Banner.php. All websites running SEMCMS v4.8 are affected, potentially exposing user data, configuration details, or other database contents.

💻 Affected Systems

Products:
  • SEMCMS
Versions: 4.8
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects SEMCMS v4.8; earlier or later versions may not be vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise including user credentials, personal information, administrative access, and potential system takeover via subsequent attacks.

🟠 Likely Case: Extraction of sensitive data such as user information, configuration details, or content management data from the database.

🟢 If Mitigated: Limited information disclosure if database permissions are properly restricted and input validation is implemented elsewhere.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection via ID parameter is straightforward to exploit with common tools like sqlmap.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Check for official patch from SEMCMS developers
2. If patch available, download and apply according to vendor instructions
3. Test functionality after patching

🔧 Temporary Workarounds

Input Validation Filter

all

Add server-side validation to ensure ID parameter contains only numeric values

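Modify Banner.php to validate the ID parameter before it is used in the query:

  if (!isset($_GET['ID']) || !is_numeric($_GET['ID'])) { die('Invalid input'); }

is_numeric() also accepts signed, decimal and exponent forms such as -1, 1.5 and 1e3. Where the ID is always a positive integer, a digits-only check (ctype_digit) or an integer cast is stricter.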

Web Application Firewall

all

Deploy WAF with SQL injection protection rules

🧯 If You Can't Patch

  • Implement strict input validation for all ID parameters
  • Restrict database user permissions to minimum required access

🔍 How to Verify

Check if Vulnerable:

Test Banner.php with SQL injection payloads in ID parameter: Banner.php?ID=1' OR '1'='1

Check Version:

Check SEMCMS version in admin panel or configuration files

Verify Fix Applied:

Test with same payloads after fix; should return error or no data instead of executing SQL

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple requests to Banner.php with suspicious ID parameters
  • Database error messages containing SQL syntax

Network Indicators:

  • HTTP requests to Banner.php with SQL keywords in parameters
  • Unusual database query patterns from web server

SIEM Query:

source="web_logs" AND uri="*Banner.php*" AND (param="*' OR*" OR param="*UNION*" OR param="*SELECT*" OR param="*--*" OR param="*/*")
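
The same check as an offline pass over web-server access logs, added here as an example (not part of the original advisory or of SEMCMS). It percent-decodes the ID parameter on requests to Banner.php and flags any value that is not purely digits, so encoded payloads that a keyword wildcard would miss are still caught. The combined log format is an assumption and the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request portion of a common/combined log format entry (assumed log format).
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

def suspicious_banner_requests(lines):
    """Return (ip, status, decoded_id) for Banner.php requests whose ID is not all digits."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        # Match Banner.php in any directory, case-insensitively.
        if not url.path.lower().endswith("/banner.php"):
            continue
        # parse_qsl percent-decodes values, so %27 and + are seen as ' and space.
        for key, value in parse_qsl(url.query, keep_blank_values=True):
            if key.lower() == "id" and not re.fullmatch(r"[0-9]+", value):
                hits.append((m.group("ip"), int(m.group("status")), value))
    return hits

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Apr/2024:10:00:01 +0000] "GET /Banner.php?ID=3 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Apr/2024:10:00:05 +0000] "GET /Banner.php?ID=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 4096 "-" "curl/8.0"',
    '203.0.113.9 - - [10/Apr/2024:10:00:06 +0000] "GET /banner.php?id=1+UNION+SELECT+1 HTTP/1.1" 500 0 "-" "curl/8.0"',
    '198.51.100.7 - - [10/Apr/2024:10:00:09 +0000] "GET /index.php?ID=abc HTTP/1.1" 200 100 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, status, value in suspicious_banner_requests(SAMPLE_LOG):
        print(f"{ip} status={status} ID={value!r}")
```

A flagged request that returned 200 with an unusually large body deserves a closer look than one that returned an error.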
