CVE-2024-6113

7.3 HIGH

📋 TL;DR

This critical SQL injection vulnerability in Monbela Tourist Inn Online Reservation System 1.0 allows attackers to manipulate database queries through the email parameter in login.php. Attackers can potentially steal sensitive data, modify database contents, or gain unauthorized access. All systems running this specific software version are affected.

💻 Affected Systems

Products:
  • itsourcecode Monbela Tourist Inn Online Reservation System
Versions: 1.0
Operating Systems: Any OS running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the login.php file specifically through email parameter manipulation.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise leading to data theft, privilege escalation, authentication bypass, and potential remote code execution via database functions.

🟠 Likely Case: Unauthorized access to reservation data, customer information theft, and potential system takeover through SQL injection payloads.

🟢 If Mitigated: Limited impact with proper input validation and WAF rules blocking SQL injection patterns.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection via the login form requires no authentication, and a public proof-of-concept is available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Implement workarounds or consider replacing the software.

🔧 Temporary Workarounds

Input Validation and Sanitization (applies to: all)

Add parameterized queries and input validation to login.php.

Modify login.php to use prepared statements instead of building the query from the raw email value: $stmt = $conn->prepare('SELECT * FROM users WHERE email = ?'); $stmt->bind_param('s', $email); $stmt->execute(); $result = $stmt->get_result();
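The following is an added example, not the vendor's login.php: it shows the string-concatenation pattern that makes the email parameter injectable next to the prepared-statement version the workaround describes. The table and column names (users, email, password_hash) and the $_POST field names are assumptions about the schema, not taken from the advisory.

```php
<?php
// Added example (not the project's code). Schema names below are assumed.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on SQL errors

// VULNERABLE pattern: the email value is spliced into the SQL text, so it can
// change the query's structure instead of being treated as data.
function login_vulnerable(mysqli $conn, string $email, string $password): ?array
{
    $sql = "SELECT * FROM users WHERE email = '" . $email . "'";
    $row = $conn->query($sql)->fetch_assoc();
    if ($row && password_verify($password, $row['password_hash'])) {
        return $row;
    }
    return null;
}

// HARDENED version: validate the shape of the input, then bind it as a
// parameter so the database never parses it as SQL.
function login_hardened(mysqli $conn, string $email, string $password): ?array
{
    // Reject anything that is not a syntactically valid e-mail address.
    $email = filter_var($email, FILTER_VALIDATE_EMAIL);
    if ($email === false || strlen($email) > 254) {
        return null;
    }
    $stmt = $conn->prepare(
        'SELECT id, email, password_hash FROM users WHERE email = ? LIMIT 1'
    );
    $stmt->bind_param('s', $email); // 's' = bind as string, always quoted/escaped
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    // password_verify() compares in constant time against a password_hash() value.
    if ($row && password_verify($password, $row['password_hash'])) {
        return $row;
    }
    return null;
}

// Assumed usage from the login form handler (field names are assumptions):
// $conn = new mysqli('localhost', 'dbuser', 'dbpass', 'reservation_db');
// $user = login_hardened($conn, $_POST['email'] ?? '', $_POST['password'] ?? '');
// if ($user === null) { http_response_code(401); exit('Invalid credentials'); }
```

If the existing code also compares the password inside the SQL text, move that comparison out of the query as shown and store only hashes produced by password_hash().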

Web Application Firewall Rules (applies to: all)

Deploy WAF rules to block SQL injection patterns.

Add a ModSecurity rule such as: SecRule ARGS:email "@detectSQLi" "id:1001,phase:2,deny,status:403"

🧯 If You Can't Patch

  • Isolate the system from internet access and restrict to internal network only
  • Implement network segmentation and monitor all database queries from the application

🔍 How to Verify

Check if Vulnerable:

Test login.php with SQL injection payloads in the email parameter: ' OR '1'='1

Check Version:

Check software version in admin panel or configuration files

Verify Fix Applied:

Verify prepared statements are implemented and test with SQL injection payloads

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts with SQL patterns
  • Unexpected database errors in application logs

Network Indicators:

  • SQL keywords in HTTP POST requests to login.php
  • Unusual database connection patterns

SIEM Query:

source="web_logs" AND uri="/login.php" AND (request_body LIKE "%OR%" OR request_body LIKE "%UNION%" OR request_body LIKE "%SELECT%")

Note that the "%OR%" clause also matches ordinary input (for example addresses at .org domains and many surnames), so expect false positives; narrow it with word boundaries around the keywords or correlate with the WAF's detectSQLi denials before alerting.
