CVE-2023-26959: Authentication Bypass — PARK TICKETING MANAGEMENT SYSTEM (Phpgurukul)

Phpgurukul Park Ticketing Management System 1.0 is vulnerable to SQL Injection via the User Name parameter.


# Exploit Title: PARK TICKETING MANAGEMENT SYSTEM — SQL Injection Vulnerability.
# Date: 25–01–2023
# Exploit Author: Venkata Siva Kumar Medituru
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/park-ticketing-management-system-using-php-and-mysql/
# Vulnerable Parameter : User Name
# Version: 1.0
# Tested on: Windows 10
# Contact: https://www.linkedin.com/in/shivakumar-m-v/

SQL injection against the authentication page lets an intruder reach the dashboard without any valid credentials. The perpetrator may enumerate user names, personal information and application functionality; in other words, complete account takeover is possible.

The reproduction steps are given in the video PoC.

Mitigations

  1. Configure a web application firewall to recognise the various SQL payloads and to ignore or drop the malicious requests crafted by the perpetrator.

  2. Implement input validation and parameterized queries, including prepared statements.

  3. Limit verbose error messages in responses so that an attacker cannot figure out how to bypass the implemented controls.
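
As an added illustration of mitigations 2 and 3 (not code from the advisory or from the vendor), here is a login check built on a PDO prepared statement. The `tbl_admin` table, its columns and the sample account are assumptions, and an in-memory SQLite database stands in for MySQL so the snippet runs offline.

```php
<?php
declare(strict_types=1);
// Added example; the tbl_admin schema and the sample account are constructed,
// not taken from the Park Ticketing Management System source.

function authenticate(PDO $db, string $userName, string $password): bool
{
    // Input validation: bound the length and reject control bytes before
    // touching the database. This is defence in depth, not the fix itself.
    if ($userName === '' || strlen($userName) > 64 || preg_match('/[\x00-\x1f]/', $userName)) {
        return false;
    }
    try {
        // Prepared statement: the query text is fixed; the user name travels
        // as a bound value and cannot change the structure of the SQL.
        $stmt = $db->prepare('SELECT password_hash FROM tbl_admin WHERE user_name = :u');
        $stmt->execute([':u' => $userName]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        // Keep database error detail in the server log, never in the response.
        error_log('login query failed: ' . $e->getMessage());
        return false;
    }
    // Same result for "unknown user" and "wrong password": no enumeration hint.
    return $row !== false && password_verify($password, $row['password_hash']);
}

// Self-contained demo on in-memory SQLite. With the MySQL driver, also set
// PDO::ATTR_EMULATE_PREPARES to false so statements are prepared server-side.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tbl_admin (user_name TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');
$ins = $db->prepare('INSERT INTO tbl_admin (user_name, password_hash) VALUES (?, ?)');
$ins->execute(['admin', password_hash('constructed-sample-pw', PASSWORD_DEFAULT)]);

var_dump(authenticate($db, 'admin', 'constructed-sample-pw')); // correct credentials
var_dump(authenticate($db, 'admin', 'wrong-password'));        // wrong password
var_dump(authenticate($db, "o'brien", 'anything'));            // quote is compared as literal data
```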
