CVE-2024-35584

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-35584
SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to sanitisation. The application takes arbitrary value from "X-Forwarded-For" header and appends it to a SQL INSERT statement directly, leading to SQL Injection.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
http://opensis.com
http://os4ed.com
https://github.com/whwhwh96/CVE-2024-35584
Configurations

No configuration.

History

16 Oct 2024, 20:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.8
CWE CWE-89

16 Oct 2024, 17:15

Type Values Removed Values Added
Summary (en) SQL injection vulnerability in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1, 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to sanitisation. The application takes arbitrary value from "X-Forwarded-For" header and appends it to a SQL INSERT statement directly, leading to SQL Injection. (en) SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to sanitisation. The application takes arbitrary value from "X-Forwarded-For" header and appends it to a SQL INSERT statement directly, leading to SQL Injection.

16 Oct 2024, 16:38

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de inyección SQL en Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php en OpenSis Community Edition 9.1, 8.0 y posiblemente versiones anteriores. Es posible que un usuario autenticado realice una inyección SQL debido a la falta de desinfección. La aplicación toma un valor arbitrario del encabezado "X-Forwarded-For" y lo agrega directamente a una declaración SQL INSERT, lo que genera una inyección SQL.

15 Oct 2024, 19:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-10-15 19:15

Updated : 2024-10-16 20:35

NVD link : CVE-2024-35584

Mitre link : CVE-2024-35584

CVE.ORG link : CVE-2024-35584

JSON object : View

Products Affected

No product.

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')