CVE-2024-9008

6.3 MEDIUM

📋 TL;DR

This SQL injection vulnerability in SourceCodester Best Online News Portal 1.0 allows remote attackers to execute arbitrary SQL commands through the name parameter of the comment form on /news-details.php. Attackers can potentially read, modify, or delete database content. All deployments of this software version are affected.

💻 Affected Systems

Products:
  • SourceCodester Best Online News Portal
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the /news-details.php file specifically in the comment section functionality.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise including data theft, data destruction, or full system takeover via SQL injection leading to remote code execution.

🟠 Likely Case: Unauthorized access to sensitive data stored in the database, such as user credentials, personal information, or administrative data.

🟢 If Mitigated: Limited impact if proper input validation and parameterized queries are implemented, potentially only causing minor data exposure.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit available on GitHub, remote exploitation possible without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.sourcecodester.com/

Restart Required: No

Instructions:

No official patch is available. Replace any SQL built by string concatenation in /news-details.php with parameterized (prepared) queries, and validate the name parameter before it reaches the database.
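The pattern behind this class of bug and the prepared-statement fix, as an added example: this is hypothetical comment-insert code written for this page, not the project's own /news-details.php, and the table name, column names and the `$conn` mysqli connection are assumptions.

```php
<?php
// Added example; not code from the Best Online News Portal project.
// Hypothetical comment-insert logic for /news-details.php. The table
// tblcomments, its columns and the $conn connection are assumptions.

// VULNERABLE PATTERN: untrusted $_POST['name'] is concatenated straight
// into the SQL text, so a quote character in the value changes the query.
function insert_comment_vulnerable(mysqli $conn): bool
{
    $newsId  = $_POST['news_id'];
    $name    = $_POST['name'];
    $comment = $_POST['comment'];
    $sql = "INSERT INTO tblcomments (newsId, name, comment) "
         . "VALUES ('$newsId', '$name', '$comment')";
    return (bool) $conn->query($sql);
}

// HARDENED: the SQL text and the values travel separately, so a value
// can never be parsed as SQL; input validation is kept as defence in depth.
function insert_comment_safe(mysqli $conn): bool
{
    $newsId  = filter_input(INPUT_POST, 'news_id', FILTER_VALIDATE_INT);
    $name    = trim((string) ($_POST['name'] ?? ''));
    $comment = trim((string) ($_POST['comment'] ?? ''));

    // Reject missing or malformed fields; limits are assumed values.
    if ($newsId === false || $newsId === null
        || $name === '' || strlen($name) > 100
        || $comment === '' || strlen($comment) > 2000) {
        return false;
    }

    $stmt = $conn->prepare(
        'INSERT INTO tblcomments (newsId, name, comment) VALUES (?, ?, ?)'
    );
    if ($stmt === false) {
        return false;
    }
    // 'iss': integer newsId, string name, string comment
    $stmt->bind_param('iss', $newsId, $name, $comment);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}
```

The same bind-parameter approach applies to any other query on the page that interpolates request data, such as the SELECT that lists existing comments.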

🔧 Temporary Workarounds

Web Application Firewall (WAF)

all

Deploy a WAF with SQL injection protection rules to block malicious requests.

Input Validation

all

Implement strict input validation for the name parameter in /news-details.php.

🧯 If You Can't Patch

  • Take the system offline until a fix can be implemented.
  • Implement network segmentation to isolate the vulnerable system from sensitive data.

🔍 How to Verify

Check if Vulnerable:

Test the /news-details.php endpoint with SQL injection payloads in the name parameter.

Check Version:

Check the software version in the application's admin panel or configuration files.

Verify Fix Applied:

Verify that SQL injection attempts no longer succeed and that input validation is properly implemented.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in application logs
  • Multiple failed login attempts from single IP
  • Suspicious patterns in name parameter values

Network Indicators:

  • SQL keywords in HTTP POST parameters
  • Unusual database connection patterns

SIEM Query:

source="web_logs" AND ("UNION SELECT" OR "OR 1=1" OR "' OR '" OR "--" OR ";--")
