CVE-2024-30980: SQL Injection Vulnerability in Cyber Cafe Management System Using PHP & MySQL v1.0 by phpgurukul

Shanu Nirwan
Apr 3, 2024

Introduction: In the realm of cybersecurity, the discovery and mitigation of vulnerabilities are crucial in safeguarding digital assets and user privacy. Today, I bring attention to a significant vulnerability found in the Cyber Cafe Management System Using PHP & MySQL v1.0, developed by phpgurukul. This vulnerability, designated as CVE-2024-30980, exposes the system to SQL Injection attacks, posing a serious threat to its users.

Overview: The vulnerability resides in the “/edit-computer-detail.php” component of the Cyber Cafe Management System (CCMS), where insufficient input validation allows attackers to execute malicious SQL queries against the underlying MySQL database. By exploiting this vulnerability, attackers can manipulate the system’s behavior, potentially accessing sensitive data or causing data loss.

CVE Identifier: CVE-2024-30980 has been assigned to this vulnerability, providing a standardized reference for tracking and addressing the issue. This identifier facilitates collaboration among cybersecurity professionals and enables affected parties to take appropriate measures to mitigate the risk.

Description: To exploit CVE-2024-30980, an attacker follows a series of steps within the CCMS application:

  1. Log in to the CCMS system via http://localhost/cybercafemanagementsystem/ccms/index.php.
  2. Navigate to the “/manage-computer.php” page and select the “Edit Details” option for a computer.
  3. In the “Computer Location” parameter, inject a crafted SQL payload designed to cause a delay, such as:

     "' AND (SELECT 5641 FROM (SELECT(SLEEP(5)))qUEs) AND 'dmfJ'='dmfJ"

  4. Click the “Update” button.

Upon execution of the malicious SQL payload, the page will experience a delay of approximately 5 seconds, indicating a successful SQL Injection attack.

Note that we performed a blind time-based SQLi here only as a proof of concept. Alternatively, the vulnerability can be exploited manually, or the process can be automated with tools like SQLMap.
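What the payload above does to a string-built query, and how parameter binding neutralizes it, shown as an added example (not code from CCMS or from the original write-up). It uses Python with an in-memory SQLite database as a stand-in for the application's PHP/MySQL stack; the table and column names and the 120-character limit are assumptions.

```python
import sqlite3

# Payload quoted in step 3 above (a MySQL time-delay probe).
PAYLOAD = "' AND (SELECT 5641 FROM (SELECT(SLEEP(5)))qUEs) AND 'dmfJ'='dmfJ"


def make_db():
    """In-memory SQLite stand-in for the MySQL table (schema is hypothetical)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE computers (id INTEGER PRIMARY KEY, location TEXT)")
    db.execute("INSERT INTO computers VALUES (1, 'Cabin 1')")
    return db


def update_concatenated(db, comp_id, location):
    """Vulnerable pattern: the form value is spliced into the SQL text."""
    sql = f"UPDATE computers SET location='{location}' WHERE id={comp_id}"
    try:
        db.execute(sql)
        return "executed"
    except sqlite3.OperationalError as exc:
        # SQLite has no SLEEP(), so it rejects the statement. The error itself
        # proves the input was parsed as SQL; MySQL would run the delay instead.
        return f"parsed-as-sql: {exc}"


def update_parameterized(db, comp_id, location):
    """Hardened pattern: validate the id, bind the value as data."""
    if not str(comp_id).isdigit():
        raise ValueError("computer id must be a positive integer")
    if len(location) > 120:  # assumed business rule, not from the application
        raise ValueError("location too long")
    db.execute("UPDATE computers SET location=? WHERE id=?",
               (location, int(comp_id)))
    row = db.execute("SELECT location FROM computers WHERE id=?",
                     (int(comp_id),)).fetchone()
    return row[0]


if __name__ == "__main__":
    db = make_db()
    print(update_concatenated(db, 1, PAYLOAD))   # input reached the SQL parser
    print(update_parameterized(db, 1, PAYLOAD))  # stored verbatim as text
```

With binding, the quote characters in the payload never terminate the string literal, so the value ends up in the `location` column as inert text. PHP offers the same mechanism through prepared statements in mysqli or PDO.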

Conclusion: CVE-2024-30980 underscores the importance of proactive security measures in software development and deployment. By identifying and mitigating vulnerabilities like SQL Injection in the Cyber Cafe Management System, we can enhance the resilience of our digital infrastructure and protect against malicious exploitation. Let us remain vigilant in our efforts to secure our systems and safeguard user data.

Thank You For Reading!

By: Shanu Nirwan