CVE-2023-33439
Published 2023-05-26
Priority P3 · 46 · CVSS 3.1 7.2 (high)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploit available
EPSS: 3.31% (87.0th percentile)
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id=.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| faculty_evaluation_system_project | faculty_evaluation_system | — | — |
Detection & IOCs (extracted from sources)
URL: /admin/manage_task.php?id=1%20and%20updatexml(1,concat(0x7e,(select%20database()),0x7e),0)--+
Command: updatexml(1,concat(0x7e,(select%20database()),0x7e),0)
- Detect exploitation attempts by matching HTTP responses containing both 'Fatal error:' and 'XPATH syntax error:' with HTTP 200 status, indicating a successful error-based SQL injection via updatexml(). This needs response-body visibility (reverse proxy or WAF); access logs alone do not carry bodies.
- Monitor GET requests to /admin/manage_task.php with an 'id' parameter containing SQL injection payloads, specifically updatexml() error-based injection patterns (e.g., updatexml(1,concat(0x7e,...),0)).
- The attack is authenticated; monitor for a preceding POST login request to /ajax.php?action=login followed by the malicious GET request to manage_task.php, indicating a two-step exploitation chain.
- Flag URL-encoded SQL injection strings in the 'id' parameter of manage_task.php, particularly patterns containing '%20and%20updatexml' or '--+' terminators. Decode the parameter before matching so alternative encodings of the same payload are not missed.
- Exploitation requires prior authentication (PR:H); the attacker must first obtain valid admin credentials and log in via /ajax.php?action=login before the SQL injection payload can be delivered.
- The Nuclei template requires 'redirects: true', meaning detection logic must account for HTTP redirect chains before the final 200 response containing the XPATH error is observed.
- The vulnerability is specific to Faculty Evaluation System v1.0 (cpe:2.3:a:faculty_evaluation_system_project:faculty_evaluation_system:1.0); detections should be scoped to this version to avoid false positives.
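The notes above describe two signals: on the request side, an updatexml() payload in the 'id' parameter of manage_task.php, ideally preceded by a login POST from the same source; on the response side, a 200 whose body carries both 'Fatal error:' and 'XPATH syntax error:'. The following Python is an added example, not code from this page or from the Faculty Evaluation System project, that runs both checks over constructed combined-format access-log lines and a constructed response fragment. It goes slightly beyond the page's IOCs by also matching extractvalue(), the other MySQL error-based primitive that produces the same XPATH error. The path suffixes, the five-minute login window and the sample data are assumptions made for the example.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import urlsplit, parse_qs

# Constructed combined-log-format lines for this example; not captured traffic.
# Line 1+2: login POST followed by the updatexml() probe (the PR:H chain).
# Line 3:   benign request.  Line 4: extractvalue() probe with no prior login.
SAMPLE_LOG = """\
10.0.0.5 - - [26/May/2023:10:00:01 +0000] "POST /eval/ajax.php?action=login HTTP/1.1" 200 14
10.0.0.5 - - [26/May/2023:10:00:09 +0000] "GET /eval/admin/manage_task.php?id=1%20and%20updatexml(1,concat(0x7e,(select%20database()),0x7e),0)--+ HTTP/1.1" 200 2310
10.0.0.7 - - [26/May/2023:10:01:00 +0000] "GET /eval/admin/manage_task.php?id=3 HTTP/1.1" 200 1890
10.0.0.9 - - [26/May/2023:10:02:00 +0000] "GET /eval/admin/manage_task.php?id=1%27%20and%20extractvalue(1,concat(0x7e,version()))--+ HTTP/1.1" 200 2300
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+$'
)

# Matched against the percent-decoded, lower-cased parameter value, i.e. what
# PHP's $_GET['id'] would hold, so %20/+ encoding variants do not matter.
PAYLOAD_PATTERNS = {
    "updatexml": re.compile(r"updatexml\s*\("),
    "extractvalue": re.compile(r"extractvalue\s*\("),
    "concat_0x7e": re.compile(r"concat\s*\(\s*0x7e"),
    "comment_terminator": re.compile(r"--(\s|$)|#$"),   # '--+' decodes to '-- '
    "boolean_tail": re.compile(r"\b(and|or)\b\s+\S"),
}
STRONG = {"updatexml", "extractvalue", "concat_0x7e"}


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    rec["params"] = parse_qs(parts.query, keep_blank_values=True)
    return rec


def classify_id(value):
    """Names of the payload patterns present in a decoded id value (sorted)."""
    v = value.lower()
    return sorted(name for name, rx in PAYLOAD_PATTERNS.items() if rx.search(v))


def is_injection(hits):
    """Strong primitives alone are enough; otherwise require boolean + terminator."""
    hits = set(hits)
    return bool(hits & STRONG) or {"comment_terminator", "boolean_tail"} <= hits


def analyze(log_text, window=timedelta(minutes=5)):
    """Flag manage_task.php?id= probes and note whether the same source logged in
    via ajax.php?action=login within `window` beforehand (log assumed time-ordered)."""
    records = [r for r in map(parse_line, log_text.splitlines()) if r]
    last_login = {}   # ip -> timestamp of most recent login POST seen so far
    findings = []
    for r in records:
        if (r["method"] == "POST" and r["path"].endswith("/ajax.php")
                and r["params"].get("action") == ["login"]):
            last_login[r["ip"]] = r["ts"]
            continue
        if r["method"] != "GET" or not r["path"].endswith("/admin/manage_task.php"):
            continue
        for value in r["params"].get("id", []):
            hits = classify_id(value)
            if not is_injection(hits):
                continue
            login_ts = last_login.get(r["ip"])
            findings.append({
                "ip": r["ip"],
                "ts": r["ts"].isoformat(),
                "decoded_id": value,
                "patterns": hits,
                "login_within_window": login_ts is not None and r["ts"] - login_ts <= window,
            })
    return findings


def is_error_based_success(status, body):
    """Response-side check: a 200 carrying both the PHP fatal-error banner and
    MySQL's XPATH syntax error means the updatexml() output was reflected."""
    return status == 200 and "Fatal error:" in body and "XPATH syntax error:" in body


if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(finding)
    # Constructed response fragment, not output from a real target.
    body = "Fatal error: Uncaught mysqli_sql_exception: XPATH syntax error: '~eval_db~' in /eval/admin/manage_task.php"
    print(is_error_based_success(200, body))
```

The request-side check keys on the decoded value rather than on raw '%20and%20updatexml' substrings, and the login correlation is per source address; both findings in the sample are flagged, but only the first has the two-step chain the notes describe, which is the one worth treating as likely post-authentication exploitation rather than an unauthenticated scanner.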
No detection rules found.
Nuclei
Faculty Evaluation System v1.0 - SQL Injection (nuclei · CVSS 7.2)
CVE-2023-33439 [HIGH] Faculty Evaluation System v1.0 - SQL Injection
Template:

```yaml
id: CVE-2023-33439

info:
  name: Faculty Evaluation System v1.0 - SQL Injection
  author: Harsh
  severity: high
  description: |
    Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id=
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized access, data leakage, or data manipulation.
  remediation: |
    Upgrade to the latest version to mitigate this vulnerability.
  reference:
    - https://github.com/F14me7wq/bug_report/blob/main/vendors/oretnom23/faculty-evaluation-system/SQLi-1.md
    - ht
```
No writeups or analysis indexed.