Login Sign Up

CVE-2024-6191

7.3 HIGH
SQL Injection Authentication Bypass

📋 TL;DR

This critical SQL injection vulnerability in itsourcecode Student Management System 1.0 allows attackers to execute arbitrary SQL commands through the login.php user parameter. Remote attackers can potentially access, modify, or delete database contents. All deployments of version 1.0 with default configurations are affected.

💻 Affected Systems

Products:
  • itsourcecode Student Management System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the login.php component specifically. Any deployment with this version is vulnerable by default.

📦 What is this software?

Student Management System by Angeljudesuarez

View all CVEs affecting Student Management System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including data theft, data destruction, authentication bypass, and potential remote code execution if database functions allow it.

🟠

Likely Case

Unauthorized access to student records, grade manipulation, credential theft, and potential privilege escalation within the application.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and network segmentation preventing database access.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub. SQL injection on login page typically requires minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None found

Restart Required: No

Instructions:

No official patch available. Consider migrating to supported software or implementing workarounds.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Add server-side validation to sanitize user input in login.php

Modify login.php to use prepared statements with parameterized queries

Web Application Firewall (WAF)

all

Deploy WAF rules to block SQL injection patterns

Configure WAF to block SQL injection patterns in login requests

🧯 If You Can't Patch

  • Isolate the system behind a firewall with strict access controls
  • Implement network segmentation to limit database access from application servers

🔍 How to Verify

Check if Vulnerable:

Test login.php with SQL injection payloads like ' OR '1'='1 in user parameter

Check Version:

Check application version in admin panel or configuration files

Verify Fix Applied:

Verify that SQL injection attempts no longer succeed and login.php uses parameterized queries

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple failed login attempts with SQL patterns
  • Database connection errors

Network Indicators:

  • HTTP requests to login.php containing SQL keywords
  • Unusual database traffic patterns

SIEM Query:

source="web_logs" AND uri="/login.php" AND (user="*OR*" OR user="*UNION*" OR user="*SELECT*")

📊 Metadata

CVE ID: CVE-2024-6191
CVSS v3 Score: 7.3 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-89
Published: June 20, 2024
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-6191, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)