CVE-2024-5384

7.3 HIGH

📋 TL;DR

This high-severity SQL injection vulnerability in SourceCodester Facebook News Feed Like 1.0 allows remote attackers to execute arbitrary SQL commands via the 'page' parameter in index.php. This can lead to unauthorized data access, modification, or deletion. Any deployment of this specific software version is affected.

💻 Affected Systems

Products:
  • SourceCodester Facebook News Feed Like
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects index.php specifically, via manipulation of the 'page' parameter.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data destruction, or full system takeover via SQL injection leading to remote code execution.

🟠 Likely Case

Unauthorized access to sensitive data stored in the database, potential privilege escalation, and application compromise.

🟢 If Mitigated

Limited impact with proper input validation and parameterized queries preventing SQL injection.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Remote exploitation is possible without authentication, making this particularly dangerous.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Consider implementing parameterized queries and input validation in index.php.

🔧 Temporary Workarounds

Web Application Firewall (WAF) (applies to: all)

Deploy a WAF with SQL injection protection rules to block malicious requests.

Input Validation (applies to: all)

Implement strict input validation for the 'page' parameter so that it accepts only expected values.

🧯 If You Can't Patch

  • Isolate the affected system from the internet and restrict access to authorized users only.
  • Implement network segmentation to limit the blast radius if exploitation occurs.

🔍 How to Verify

Check if Vulnerable:

Test the 'page' parameter in index.php with SQL injection payloads like ' OR '1'='1.

Check Version:

Check the software version in the application's configuration or documentation.

Verify Fix Applied:

Verify that SQL injection attempts no longer succeed and that parameterized queries are implemented.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in application logs
  • Multiple failed login attempts from single IP
  • Unexpected database errors

Network Indicators:

  • HTTP requests with SQL keywords in parameters
  • Unusual traffic patterns to index.php

SIEM Query:

source="web_logs" AND (url="*index.php*" AND (param="*page=*OR*" OR param="*page=*UNION*" OR param="*page=*SELECT*"))
