Recently, a critical vulnerability has been found in the SourceCodester Engineers Online Portal 1., a popular web platform for engineers. The vulnerability has been assigned the identifier CVE-2023-5278 and is rated critical. The issue is in the login.php file, where the username and password arguments are vulnerable to SQL injection. The attack can be executed remotely, putting the users of the platform at serious risk.

In this post, we will discuss the vulnerability details, look at a code snippet, provide links to original references, and share some insight into exploiting the vulnerability.

Vulnerability Details

The vulnerability lies in an unknown function of the login.php file, where manipulating the username and password arguments leads to SQL injection. SQL injection is a well-known technique in which attacker-supplied input is interpreted as part of a SQL statement that the application sends to its database, granting the attacker unauthorized access to user data and other sensitive information.

By exploiting this vulnerability, an attacker can launch a remote attack on the SourceCodester Engineers Online Portal 1. and perform actions such as reading, modifying, or deleting data from the application's database.

Here is a snippet of the vulnerable code in the login.php file:

$username = $_POST['username'];
$password = $_POST['password'];
$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
$result = mysqli_query($conn, $query);

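As we can see, the $username and $password values are taken directly from the POST request and concatenated into the SQL query string without sanitization, validation, or parameter binding, so quote characters in either field can change the structure of the query and result in a successful SQL injection attack.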

Exploit Details

An attacker can exploit this vulnerability by providing a specially crafted username or password input that includes a SQL injection payload. For example, the attacker could use the following payload to bypass the authentication process:

Username: admin' OR '1'='1
Password: ' OR '1'='1
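
The following is an added example, not code from the portal or from the original advisory: it runs the payload above through the same query construction as the login.php snippet and through a hardened login that uses a prepared statement and password hashing. The table layout, the sample account, the function names, and the use of PDO with an in-memory SQLite database (standing in for the portal's MySQL connection so the script runs offline) are all assumptions.

```php
<?php
// Added example with constructed schema and data; not the portal's real tables.
// In-memory SQLite stands in for the portal's MySQL database (assumption).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT, pw_hash TEXT)');
// The snippet compares the raw password inside SQL, so the constructed table keeps
// a plaintext column for the vulnerable path and a hash column for the hardened one.
$seed = $db->prepare('INSERT INTO users VALUES (?, ?, ?)');
$pw = 'constructed-admin-pw';
$seed->execute(['admin', $pw, password_hash($pw, PASSWORD_DEFAULT)]);

// Same query construction as the snippet: input is pasted into the SQL text.
function login_vulnerable(PDO $db, string $username, string $password): bool
{
    $query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
    return $db->query($query)->fetch() !== false;
}

// Hardened: the SQL text is fixed, input travels only as a bound parameter,
// and the password is verified against a stored hash outside the query.
function login_hardened(PDO $db, string $username, string $password): bool
{
    $stmt = $db->prepare('SELECT pw_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($password, $hash);
}

$cases = [
    'payload from this post' => ["admin' OR '1'='1", "' OR '1'='1"],
    'correct credentials'    => ['admin', $pw],
    'wrong password'         => ['admin', 'nope'],
];
foreach ($cases as $label => [$u, $p]) {
    printf("%-24s vulnerable=%-5s hardened=%s\n", $label,
        var_export(login_vulnerable($db, $u, $p), true),
        var_export(login_hardened($db, $u, $p), true));
}
```

With mysqli, as used in the original snippet, the equivalent calls are mysqli_prepare(), mysqli_stmt_bind_param() and mysqli_stmt_execute().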

References

Below are some links to the original references and resources related to the CVE-2023-5278 vulnerability:

1. SourceCodester Engineers Online Portal 1.: https://www.sourcecodester.com/php/15093/engineers-online-portal.html
2. CVE-2023-5278: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-5278
3. Vulnerability VDB-240906: https://www.security-database.com/detail.php?alert=VDB-240906

Conclusion

In conclusion, the discovery of the CVE-2023-5278 vulnerability in the SourceCodester Engineers Online Portal 1. serves as a critical reminder for developers and users alike to prioritize security in their applications. As an end-user, you should make sure to use strong, unique passwords and enable any additional security features provided by the platform. For developers, it is vital to sanitize and validate inputs, and to pass those used in SQL queries as bound parameters rather than concatenating them into the query string, to prevent SQL injection attacks and keep customer data secure.

Timeline

Published on: 09/29/2023 18:15:10 UTC
Last modified on: 11/07/2023 04:23:46 UTC