CVE-2024-6731

6.3 MEDIUM

📋 TL;DR

This medium-severity (CVSS 6.3) SQL injection vulnerability in SourceCodester Student Study Center Desk Management System 1.0 lets remote attackers inject arbitrary SQL through the 'id' parameter of the /Master.php?f=save_student endpoint, because the parameter reaches the database query without validation or parameter binding. Successful exploitation can expose, modify, or delete database contents. Every deployment of the vulnerable version is affected.

💻 Affected Systems

Products:
  • SourceCodester Student Study Center Desk Management System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the web application component accessible via HTTP/HTTPS.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise: exfiltration, modification or deletion of all data, and possibly server takeover if the database account holds privileges that let the injection be escalated (for example writing a file into the web root with MySQL's INTO OUTFILE).

🟠 Likely Case

Unauthorized reading of student records and personal data, tampering with those records, and use of retrieved data (such as credential hashes) to escalate privileges within the application.

🟢 If Mitigated

With server-side validation and parameterized queries the injection is blocked outright. If only a least-privilege database account is in place, a successful injection is confined to the tables and operations that account is granted, typically reading data without the ability to modify it or reach the host.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available, making this easily weaponizable by attackers with basic SQL injection knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown (no fixed release identified at the time of writing)

Vendor Advisory: none located; vendor site: https://www.sourcecodester.com/

Restart Required: No

Instructions:

1. Check the vendor website for an updated release of the application.
2. Apply any available patch; if none exists, apply the source-level workarounds below.
3. Retest the /Master.php?f=save_student endpoint to confirm injection attempts are rejected.

🔧 Temporary Workarounds

Input Validation Filter

Platform: all

Reject any 'id' value that is not a positive integer before it reaches the query (server-side; client-side checks are bypassed trivially).

Replace string concatenation with prepared statements (PDO or mysqli) so the value is bound as a parameter and never interpolated into the SQL text.
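As an added example (not code from the SourceCodester project or from this page), the following PHP shows the pattern the advisory describes, a request parameter concatenated into SQL, next to a hardened handler that validates the id and binds it through a PDO prepared statement. The table name, column names and the UPDATE statement are assumptions about what save_student does; the demo runs against an in-memory SQLite database and needs the pdo_sqlite extension.

```php
<?php
// Added example, not the project's code. Table/column names are assumptions
// about what /Master.php?f=save_student actually does.
declare(strict_types=1);

// Vulnerable pattern: request parameters are concatenated into the SQL text.
// Both $id and $name are injectable here; the advisory names id.
function save_student_vulnerable(PDO $db, string $id, string $name): int
{
    $sql = "UPDATE students SET name = '" . $name . "' WHERE id = " . $id;
    return $db->exec($sql); // number of rows the (attacker-shaped) WHERE matched
}

// Hardened step 1: accept only a positive integer. FILTER_VALIDATE_INT rejects
// "1 OR 1=1", "1; DROP TABLE x", "1/**/" and similar, returning false.
function parse_student_id(string $raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Hardened step 2: bind every value through a prepared statement, so even a
// value that passed validation can never change the query's structure.
function save_student_hardened(PDO $db, string $rawId, string $name): int
{
    $id = parse_student_id($rawId);
    if ($id === null) {
        throw new InvalidArgumentException('invalid student id'); // map to HTTP 400 in the handler
    }
    $stmt = $db->prepare('UPDATE students SET name = :name WHERE id = :id');
    $stmt->bindValue(':name', $name, PDO::PARAM_STR);
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Demo against an in-memory SQLite database (assumes the pdo_sqlite extension).
function demo(): array
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT)');
    $db->exec("INSERT INTO students (id, name) VALUES (1,'alice'),(2,'bob'),(3,'carol')");

    $payload = '1 OR 1=1'; // boolean-based injection in the id parameter

    // Vulnerable: the OR clause makes every row match, so every student is renamed.
    $rowsHit = save_student_vulnerable($db, $payload, 'pwned');

    // Hardened: the same payload is rejected before any SQL is built.
    try {
        save_student_hardened($db, $payload, 'x');
        $blocked = false;
    } catch (InvalidArgumentException $e) {
        $blocked = true;
    }

    // Hardened with a legitimate id: exactly one row is updated.
    $legitRows = save_student_hardened($db, '2', 'bob-updated');

    return [
        'vulnerable_rows_hit' => $rowsHit,
        'hardened_blocked'    => $blocked,
        'legit_rows_updated'  => $legitRows,
    ];
}

print_r(demo());
```

The validation step is what makes the injection impossible to reach; the prepared statement is what keeps the query safe even if a later change loosens the validation. Apply the same treatment to every other request parameter the endpoint reads, not only id.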

Web Application Firewall

Platform: all

Deploy WAF rules that inspect requests to /Master.php and block SQL injection patterns in the id parameter.

Prefer a positive rule (id must match ^[0-9]+$) over a keyword blocklist; filters on SELECT, UNION or OR are routinely bypassed with URL encoding, inline comments and case changes, so treat the WAF as a stopgap until the code is fixed, not as the fix.

🧯 If You Can't Patch

  • Isolate the system behind a firewall with strict access controls and do not expose it to the internet
  • Implement network segmentation to limit database server access
  • Run the application with a database account restricted to the tables it needs, with no FILE, DDL or administrative privileges, so a successful injection cannot escalate to the host

🔍 How to Verify

Check if Vulnerable:

Every 1.0 install is affected, so a version check is sufficient. If you need a live confirmation on a system you are authorized to test, send /Master.php?f=save_student a known-good integer id, then an id with a stray quote appended; a database syntax error, or any response that differs from the known-good request, shows the parameter is interpolated into SQL. Because save_student writes to the database, avoid boolean payloads such as OR 1=1 on production (they can modify every row); use a staging copy instead.

Check Version:

Check the application version in the admin panel, the README shipped with the download, or the configuration files.

Verify Fix Applied:

Repeat the same requests: non-numeric id values must be rejected (for example with an HTTP 400) without leaking database error text, and a legitimate id must still save correctly.

📡 Detection & Monitoring

Log Indicators:

  • Requests to /Master.php?f=save_student whose id value is not a plain integer (quotes, spaces, comment markers, SQL keywords)
  • Database error text (syntax errors, "You have an error in your SQL syntax") in application or PHP error logs
  • Unexpected database queries from the web server, such as reads of tables the save_student action never touches

Network Indicators:

  • HTTP requests to /Master.php with SQL keywords or encoded quotes in parameters
  • Bursts of requests from one client with varying id values (automated injection tooling), or response delays consistent with time-based probes

SIEM Query (pseudo-syntax; URL-decode the parameter value before matching):

source="web_logs" AND uri="/Master.php" AND param="id" AND (value CONTAINS "UNION" OR value CONTAINS "SELECT" OR value CONTAINS "OR 1=1" OR NOT value MATCHES "^[0-9]+$")

The parentheses matter: without them the OR clauses fire on any request carrying SELECT anywhere. The final clause catches encoded or obfuscated payloads the keyword list misses, since a legitimate id is always an integer.
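As an added example that is not part of the original page, this PHP script implements the SIEM query's logic over constructed access-log lines: it parses combined-format entries, URL-decodes the query string, and flags any /Master.php request whose id is not a plain integer, naming the injection pattern where one is recognizable. The log lines, IP addresses and user agents are constructed, not captured traffic.

```php
<?php
// Added example, not from the original page: a detector for the SIEM query
// above, run over constructed Apache/nginx combined-format access-log lines.
declare(strict_types=1);

// Constructed sample lines (not real traffic).
$sampleLog = <<<'LOG'
203.0.113.5 - - [10/Jul/2024:10:01:02 +0000] "GET /Master.php?f=save_student&id=42 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Jul/2024:10:01:05 +0000] "GET /Master.php?f=save_student&id=1%20OR%201%3D1 HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.9 - - [10/Jul/2024:10:01:07 +0000] "GET /Master.php?f=save_student&id=1'%20UNION%20SELECT%20username,password,3%20FROM%20users--%20- HTTP/1.1" 500 230 "-" "sqlmap/1.8"
198.51.100.2 - - [10/Jul/2024:10:02:00 +0000] "GET /index.php?page=home HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Jul/2024:10:02:10 +0000] "GET /Master.php?f=save_student&id=7%20AND%20SLEEP(5) HTTP/1.1" 200 512 "-" "curl/8.0"
LOG;

// Parse one combined-format line into ip/method/path/status/query, or null.
function parse_access_line(string $line): ?array
{
    if (!preg_match('/^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})/', $line, $m)) {
        return null;
    }
    $parts = parse_url($m[3]);
    $query = [];
    if (isset($parts['query'])) {
        parse_str($parts['query'], $query); // parse_str URL-decodes the values
    }
    return [
        'ip'     => $m[1],
        'method' => $m[2],
        'path'   => $parts['path'] ?? '',
        'status' => (int) $m[4],
        'query'  => $query,
    ];
}

// Classify the decoded id value: null when benign, otherwise a short reason.
function classify_id(mixed $id): ?string
{
    if (!is_string($id)) {
        return 'array-id'; // id[]=... is never legitimate for this endpoint
    }
    // A legitimate id is a plain integer; anything else is at least malformed.
    if (preg_match('/^\d+$/', $id)) {
        return null;
    }
    // Keyword/structure patterns from the page's SIEM query plus common variants.
    $patterns = [
        'union-select' => '/\bUNION\b.*\bSELECT\b/i',
        'boolean-or'   => '/\bOR\b\s*\d+\s*=\s*\d+/i',
        'time-based'   => '/\b(SLEEP|BENCHMARK|PG_SLEEP)\s*\(/i',
        'comment'      => '/(--|#|\/\*)/',
        'quote'        => "/['\"]/",
    ];
    foreach ($patterns as $name => $re) {
        if (preg_match($re, $id)) {
            return $name;
        }
    }
    return 'non-integer-id'; // encoded or obfuscated payload the keyword list missed
}

// Scan a whole log and return one alert per suspicious /Master.php request.
function scan_log(string $log): array
{
    $alerts = [];
    foreach (preg_split('/\R/', trim($log)) as $line) {
        $rec = parse_access_line($line);
        if ($rec === null || $rec['path'] !== '/Master.php' || !isset($rec['query']['id'])) {
            continue;
        }
        $reason = classify_id($rec['query']['id']);
        if ($reason !== null) {
            $alerts[] = [
                'ip'     => $rec['ip'],
                'f'      => $rec['query']['f'] ?? '',
                'status' => $rec['status'],
                'reason' => $reason,
                'id'     => is_string($rec['query']['id']) ? $rec['query']['id'] : '[array]',
            ];
        }
    }
    return $alerts;
}

foreach (scan_log($sampleLog) as $a) {
    printf("ALERT %s f=%s status=%d reason=%s id=%s\n", $a['ip'], $a['f'], $a['status'], $a['reason'], $a['id']);
}
```

Running this flags three of the five constructed lines (the boolean, UNION and time-based probes) and ignores the legitimate id=42 request and the unrelated index.php hit. The integer check, not the keyword list, is what makes the detector resilient: a payload that slips past every pattern is still reported as non-integer-id.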
