CVE-2024-50766

9.8 CRITICAL

📋 TL;DR

This vulnerability allows attackers to execute arbitrary SQL commands through the id parameter in takeSurvey.php. It affects all deployments of SourceCodester Survey Application System 1.0. Successful exploitation could lead to complete database compromise.

💻 Affected Systems

Products:
  • SourceCodester Survey Application System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 1.0 are vulnerable. No special configuration required.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise, including data theft and data manipulation, with potential server takeover if the injection can be escalated to file writes or command execution.

🟠 Likely Case

Database information disclosure, authentication bypass, and manipulation of survey results and user data.

🟢 If Mitigated

Limited impact with proper input validation and WAF rules blocking SQL injection patterns.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept available in a Medium article. Simple SQL injection via a GET parameter.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

1. Check vendor website for updates
2. Apply parameterized queries in takeSurvey.php
3. Implement input validation for id parameter
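A hardened version of the id handling that steps 2 and 3 call for, written here as an added example rather than the project's own takeSurvey.php; the table name, column names and PDO connection details are assumptions.

```php
<?php
// Added example (not the project's code): parameterized lookup of a survey
// by the `id` GET parameter. Table `surveys`, its columns, and the DSN and
// credentials below are assumptions for illustration.
declare(strict_types=1);

// Vulnerable pattern this replaces: building the query by string
// concatenation, e.g. "SELECT * FROM surveys WHERE id=" . $_GET['id'],
// which lets any non-numeric input alter the SQL statement.

// Step 3: server-side validation. Accept only a positive integer; anything
// else (missing, empty, "1' OR '1'='1", %27...) is rejected before any
// database access happens.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, [
    'options' => ['min_range' => 1],
]);
if ($id === false || $id === null) {
    http_response_code(400);
    exit('Invalid survey id');
}

// Step 2: parameterized query. The value is bound as an integer and never
// concatenated into the SQL text; native prepares are enforced so the
// driver does not fall back to client-side string interpolation.
$pdo = new PDO(
    'mysql:host=localhost;dbname=survey_db;charset=utf8mb4', // assumed DSN
    'survey_user',                                            // assumed user
    'change-me',                                              // placeholder
    [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]
);

$stmt = $pdo->prepare('SELECT id, title FROM surveys WHERE id = :id');
$stmt->bindValue(':id', $id, PDO::PARAM_INT);
$stmt->execute();
$survey = $stmt->fetch(PDO::FETCH_ASSOC);

if ($survey === false) {
    http_response_code(404);
    exit('Survey not found');
}

// Generic error output: with ERRMODE_EXCEPTION, driver errors surface as
// exceptions that the application's handler should log, not echo to users.
echo htmlspecialchars($survey['title'], ENT_QUOTES, 'UTF-8');
```

The same pattern (validate, then bind) applies to every other request parameter that reaches a query in the application, not only `id`.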

🔧 Temporary Workarounds

WAF Rule Implementation (applies to: all)

Deploy web application firewall rules to block SQL injection patterns in the id parameter.

Input Validation (applies to: all)

Add server-side validation to ensure the id parameter contains only numeric values.

🧯 If You Can't Patch

  • Block external access to the survey application using network ACLs
  • Implement rate limiting and monitoring on takeSurvey.php endpoint

🔍 How to Verify

Check if Vulnerable:

Request takeSurvey.php?id=1' OR '1'='1 and observe whether an SQL error or other unexpected behavior is returned.

Check Version:

Check application version in admin panel or source code comments

Verify Fix Applied:

Test with SQL injection payloads and verify that they are rejected or produce only generic error handling (no database errors in the response).

📡 Detection & Monitoring

Log Indicators:

  • SQL syntax errors in web server logs
  • Unusual parameter values in id field
  • Multiple rapid requests to takeSurvey.php

Network Indicators:

  • SQL keywords in HTTP GET parameters
  • Unusual database query patterns

SIEM Query:

source=web_logs AND url="*takeSurvey.php*" AND (param="*id=*'*" OR param="*id=*%27*")

The parentheses matter: without them, `AND` binds tighter than `OR`, so the second `param` clause would match any log source regardless of URL.
