CVE-2024-30989: Multiple Stored Cross-Site Scripting Vulnerabilities in Client Management System using PHP & MySQL 1.1 by Phpgurukul

Introduction: Cross-Site Scripting (XSS) vulnerabilities remain a critical concern in web application security, enabling attackers to execute arbitrary code and compromise sensitive information. Today, I uncover multiple stored XSS vulnerabilities discovered in the Client Management System using PHP & MySQL 1.1 developed by Phpgurukul. These vulnerabilities, identified as CVE-2024–30989, allow attackers to execute arbitrary code via the “cname,” “comname,” “state,” and “city” parameters in the “/edit-client-details.php” page.

Description: The stored XSS vulnerabilities in the Client Management System arise due to insufficient input validation in the “cname,” “comname,” “state,” and “city” parameters within the “/edit-client-details.php” page. Attackers can inject malicious scripts into these parameters. Subsequently, when the victim interacts with the compromised data, the injected script is executed in their browser.

CVE Identifier: CVE-2024–30989 has been assigned to these vulnerabilities, providing a standardized reference for tracking and addressing the issue. This identifier facilitates collaboration among cybersecurity professionals and enables affected parties to take appropriate measures to mitigate the risk.

Proof of Concept (POC): To exploit these vulnerabilities, attackers can follow these steps:

1. Navigate to the “/manage-client.php” page within the Client Management System.

2. Click on the “Edit” button corresponding to a client.

3. In the “cname,” “comname,” “state,” and “city” parameters, inject the following XSS payload:

"><script>alert(document.domain)</script>

4. Click on the “Update” button to save the changes.

5. After saving, click on the “Edit” button of the same client again.

6. The injected XSS payload will be triggered, demonstrating successful exploitation of the vulnerabilities.

Conclusion: CVE-2024–30989 underscores the importance of robust security measures in web application development. By addressing vulnerabilities like stored XSS in the Client Management System, we can enhance the security posture of our digital infrastructure and protect against malicious exploitation. Let us remain vigilant in our efforts to secure sensitive data and safeguard user privacy.

Reference:

Client Management System Project using PHP & MySQL - PHPGurukul

Thank You For Reading!

By: Shanu Nirwan