CVE-2023-50071
published 2023-12-29

CVE-2023-50071: Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_department via id or name.

Priority: P2 (67) · Severity: high · CVSS 3.1 base score: 8.8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploit: available
EPSS: 13.75% (96.0th percentile)

Affected (1 range)

Vendor: customer_support_system_project
Product: customer_support_system
Version range: not listed in the table (the description names version 1.0)
Fixed in: not listed

Detection & IOCs (extracted from sources)

url: /customer_support/ajax.php?action=save_department
url: /customer_support/ajax.php?action=save_ticket
path: /customer_support/index.php?page=new_ticket
payload (time-based SQL injection probe): '+(select*from(select(sleep(20)))a)+'
  • Monitor POST requests to /customer_support/ajax.php with action=save_ticket or action=save_department for SQL injection patterns in the parameters id, name, department_id, customer_id and subject; the sleep()-based payload above is a time-based probe, so a request to these endpoints whose response takes roughly the injected delay (here 20 seconds) is a strong signal on its own.
  • The exploit requires authentication; correlate suspicious SQL injection attempts with valid session cookies (PHPSESSID) to identify the authenticated account the attacker is using, and treat attempts without any session as reconnaissance.
  • Look for the X-Requested-With: XMLHttpRequest header combined with a multipart/form-data Content-Type in POST requests to ajax.php endpoints; this is the delivery mechanism the published exploit uses, but it is also how the application's own front end submits forms, so use it to scope detections rather than as an indicator by itself.
  • The vulnerability affects only Customer Support System version 1.0; verify the installed version before applying detections to avoid false positives on patched or different versions.
  • Exploitation requires prior authentication to the application, which limits the attack surface to users with valid credentials (including any default or shared accounts).
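The detection notes above describe what to look for but not how to run it over traffic. The following is an added example written for this page (it is not code from the advisory, the exploit, or the Sourcecodester project): it scores decoded POST requests against the vulnerable endpoint and actions, flags the watched parameters for injection patterns (the advisory's sleep()-based payload plus a few assumed common probes), and records whether the request carried a PHPSESSID cookie and the XHR + multipart delivery headers. The request-record layout and the sample traffic are constructed for the example.

```python
"""Detection helper for CVE-2023-50071: flag SQL injection attempts against
/customer_support/ajax.php (save_department / save_ticket). Added example,
not part of the original advisory or the Sourcecodester project."""
import re
from typing import Dict, List, Optional
from urllib.parse import parse_qs, urlsplit

# Endpoint, actions and parameters named in the advisory's detection notes.
VULN_PATH = "/customer_support/ajax.php"
VULN_ACTIONS = {"save_department", "save_ticket"}
WATCHED_PARAMS = ("id", "name", "department_id", "customer_id", "subject")

# Heuristic SQLi signatures. The first matches the advisory's sleep()-based
# payload; the rest are assumptions covering common follow-up probes.
SQLI_SIGNATURES = [
    ("time_based_sleep", re.compile(r"\bsleep\s*\(", re.I)),
    ("nested_select", re.compile(r"\bselect\b.*\bfrom\b", re.I)),
    ("union_select", re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)),
    ("quote_operator", re.compile(r"'\s*(?:or|and|\+|\|\|)\s*", re.I)),
    ("sql_comment", re.compile(r"--|/\*")),  # '#' omitted: too noisy in free text
]


def sqli_hits(value: str) -> List[str]:
    """Return the labels of every signature that fires on a parameter value."""
    return [label for label, rx in SQLI_SIGNATURES if rx.search(value)]


def inspect_request(req: Dict) -> Optional[Dict]:
    """Return a finding for one request record, or None if it looks benign.

    Record layout is an assumption: {"src", "method", "url", "headers", "form"},
    as a WAF or reverse proxy would expose it after decoding the form body.
    """
    if req.get("method", "").upper() != "POST":
        return None
    url = urlsplit(req.get("url", ""))
    if url.path != VULN_PATH:
        return None
    action = parse_qs(url.query).get("action", [""])[0]
    if action not in VULN_ACTIONS:
        return None

    suspicious = {}
    for name in WATCHED_PARAMS:
        hits = sqli_hits(req.get("form", {}).get(name, ""))
        if hits:
            suspicious[name] = hits
    if not suspicious:
        return None

    headers = {k.lower(): v for k, v in req.get("headers", {}).items()}
    session = re.search(r"PHPSESSID=([^;\s]+)", headers.get("cookie", ""))
    ajax = headers.get("x-requested-with", "").lower() == "xmlhttprequest"
    multipart = headers.get("content-type", "").lower().startswith("multipart/form-data")
    return {
        "src": req.get("src"),
        "action": action,
        "params": suspicious,
        # The bug is post-auth: a hit without any session is itself anomalous.
        "authenticated": session is not None,
        "session": session.group(1) if session else None,
        # Delivery mechanism the advisory describes: XHR + multipart POST.
        "ajax_multipart": ajax and multipart,
    }


def scan(requests: List[Dict]) -> List[Dict]:
    """Run inspect_request over a batch and keep only the findings."""
    return [f for f in map(inspect_request, requests) if f]


# Constructed sample traffic (not captured from a real system).
SAMPLE_REQUESTS = [
    {"src": "10.0.0.5", "method": "POST",
     "url": "/customer_support/ajax.php?action=save_department",
     "headers": {"Cookie": "PHPSESSID=a1b2c3", "X-Requested-With": "XMLHttpRequest",
                 "Content-Type": "multipart/form-data; boundary=----x"},
     "form": {"id": "", "name": "Billing"}},                       # benign
    {"src": "198.51.100.7", "method": "POST",
     "url": "/customer_support/ajax.php?action=save_department",
     "headers": {"Cookie": "PHPSESSID=a1b2c3", "X-Requested-With": "XMLHttpRequest",
                 "Content-Type": "multipart/form-data; boundary=----x"},
     "form": {"id": "1'+(select*from(select(sleep(20)))a)+'", "name": "Billing"}},
    {"src": "198.51.100.7", "method": "POST",
     "url": "/customer_support/ajax.php?action=save_ticket",
     "headers": {"Content-Type": "multipart/form-data; boundary=----x"},
     "form": {"customer_id": "3", "department_id": "2", "subject": "x' OR 1=1-- -"}},
    {"src": "10.0.0.5", "method": "GET",
     "url": "/customer_support/index.php?page=new_ticket", "headers": {}, "form": {}},
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_REQUESTS):
        print(finding)
```

Run against the constructed batch, the benign department save and the GET to new_ticket are ignored, the sleep() payload in id is reported with its session id, and the ticket probe is reported as unauthenticated. The signatures are deliberately loose; tune them against your own traffic, and pair this with response-time monitoring, since a 20-second stall on ajax.php is the payload doing exactly what it was sent to do.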