CVE-2024-36779

9.8 CRITICAL

📋 TL;DR

CVE-2024-36779 is a critical SQL injection vulnerability in Sourcecodester Stock Management System v1.0 that allows attackers to execute arbitrary SQL commands via the editCategories.php endpoint. This affects all organizations using this specific version of the software, potentially exposing sensitive database information including user credentials, inventory data, and system configurations.

💻 Affected Systems

Products:
  • Sourcecodester Stock Management System
Versions: v1.0
Operating Systems: Any OS running a PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of v1.0 regardless of configuration. The vulnerability is in the core application code.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise leading to data theft, authentication bypass, remote code execution via database functions, and full system takeover.

🟠 Likely Case: Unauthorized data extraction including user credentials, inventory records, and sensitive business information, potentially leading to further system compromise.

🟢 If Mitigated: Limited impact, with proper input validation and parameterized queries preventing SQL injection execution.

🌐 Internet-Facing: HIGH - The vulnerability is in a web application component that is typically internet-facing, allowing remote exploitation without authentication.
🏢 Internal Only: HIGH - Even internally deployed instances are vulnerable to insider threats or compromised internal systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection vulnerabilities are well-understood and easily weaponized. The editCategories.php endpoint appears to lack proper input validation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: No official vendor advisory found

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available, or implement workarounds and code fixes.

🔧 Temporary Workarounds

Input Validation and Sanitization (Applies to: all)

Implement strict input validation and parameterized queries in editCategories.php.

Modify editCategories.php to use prepared statements, e.g.:
$stmt = $conn->prepare('UPDATE categories SET name=? WHERE id=?'); $stmt->bind_param('si', $name, $id);
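The following is an added example of that fix written out as a complete handler; it is not the Stock Management System's own editCategories.php (that source is not reproduced here), and it assumes a mysqli connection `$conn` and a `categories` table with `id` and `name` columns, as in the snippet above. The unsafe function shows the string-concatenation pattern that makes such an endpoint injectable; the hardened one validates the input and binds it.

```php
<?php
// Added example (not the project's code). Assumes: mysqli connection $conn,
// table `categories` with integer `id` and string `name` columns.

// The injectable pattern: request values are pasted into the SQL text, so an
// attacker-controlled value can change the query's structure. Shown only to
// contrast with the hardened version below; never deploy this.
function updateCategoryUnsafe(mysqli $conn, array $request): bool
{
    $sql = "UPDATE categories SET name='" . $request['name'] . "' WHERE id=" . $request['id'];
    return $conn->query($sql) !== false;
}

// Hardened version: validate types and bounds first, then let the driver bind
// the values as data. A value such as 1' OR '1'='1 becomes a literal string
// (or is rejected as a non-integer id) and is never parsed as SQL.
function updateCategorySafe(mysqli $conn, array $request): bool
{
    $id = filter_var($request['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    $name = trim((string) ($request['name'] ?? ''));

    // Reject bad input outright instead of trying to "clean" it.
    if ($id === false || $name === '' || mb_strlen($name) > 100) {
        return false;
    }

    $stmt = $conn->prepare('UPDATE categories SET name = ? WHERE id = ?');
    if ($stmt === false) {
        return false; // prepare failed (e.g. schema mismatch); do not fall back to raw SQL
    }
    $stmt->bind_param('si', $name, $id); // 's' = string, 'i' = integer
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Assumed wiring inside the endpoint:
// $conn = new mysqli($dbHost, $dbUser, $dbPass, $dbName);
// $conn->set_charset('utf8mb4');
// if (!updateCategorySafe($conn, $_POST)) {
//     http_response_code(400);
//     exit('invalid request');
// }
```

Setting the connection charset explicitly matters too: mysqli escaping and binding behave correctly only when the client and server agree on the character set.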

Web Application Firewall (WAF) (Applies to: all)

Deploy WAF rules to block SQL injection patterns targeting editCategories.php.

Example ModSecurity rule:
SecRule REQUEST_URI "@contains editCategories.php" "id:1001,phase:2,deny,status:403,msg:'SQLi attempt blocked'"

Note that this rule, as written, denies every request whose URI contains editCategories.php, so it takes the category-editing feature offline rather than filtering payloads. That is an acceptable stopgap if the feature can be disabled; a rule that inspects request arguments (ModSecurity's ARGS collection with the @detectSQLi operator) is needed to block only injection attempts while leaving legitimate edits working.

🧯 If You Can't Patch

  • Isolate the Stock Management System behind a reverse proxy with strict input filtering
  • Implement network segmentation to limit database access from the web application server

🔍 How to Verify

Check if Vulnerable:

Test editCategories.php endpoint with SQL injection payloads like: editCategories.php?id=1' OR '1'='1

Check Version:

Check application version in admin panel or readme files

Verify Fix Applied:

Verify that parameterized queries are implemented and test with SQL injection payloads to confirm they are blocked

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in web server logs
  • Multiple failed login attempts following SQL injection patterns
  • Unexpected database queries from web application user

Network Indicators:

  • HTTP requests to editCategories.php with SQL keywords in parameters
  • Unusual database traffic patterns from web server

SIEM Query:

source="web_logs" AND uri="*editCategories.php*" AND (param="*' OR*" OR param="*UNION*" OR param="*SELECT*" OR param="*--*" OR param="*;*" OR param="*/*")
