EUVD-2024-54626CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
3Description
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands.
Analysis
Time-based SQL injection vulnerability in the mydetailsstudent.php file of CloudClassroom PHP Project version 1.0, where the 'myds' parameter fails to properly validate user input, allowing unauthenticated remote attackers to inject and execute arbitrary SQL commands. The vulnerability has a CVSS score of 7.3 (High), indicating potential for data theft, modification, and service disruption. No KEV status or active exploitation data is provided in the current intelligence; however, the network-accessible nature (CVSS:3.1/AV:N) and low attack complexity suggest this represents a significant real-world risk if the affected application is internet-facing.
Technical Context
The vulnerability exists in CloudClassroom PHP Project 1.0, a PHP-based web application for classroom management. The root cause is classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command), a classic SQL injection flaw. The mydetailsstudent.php endpoint accepts user input via the 'myds' parameter and incorporates it directly into SQL queries without proper input validation, parameterization, or prepared statement usage. Time-based SQL injection specifically exploits database response delays (using SLEEP() or BENCHMARK() functions) to infer truth values when error-based or UNION-based methods are unavailable, making this a blind injection variant that is slower but harder to detect. The absence of input sanitization or query parameterization in legacy PHP applications like this is typical of outdated code patterns predating modern ORM frameworks and security best practices.
Affected Products
CloudClassroom PHP Project version 1.0 is the sole confirmed affected product. The specific vulnerable component is the mydetailsstudent.php file, with the 'myds' parameter as the injection point. CPE string (inferred): cpe:2.3:a:cloudclassroom:cloudclassroom_php_project:1.0:*:*:*:*:*:*:*. No other versions (e.g., 1.1, 2.0) are mentioned in the provided intelligence; clarification from vendor is needed regarding scope of affected versions. No vendor advisory URL is provided in the current data; security researchers should consult the official CloudClassroom project repository or vendor security contacts for confirmation.
Remediation
Immediate mitigation steps: (1) Disable or restrict network access to mydetailsstudent.php via firewall or web application firewall (WAF) rules until patched; (2) Implement input validation and sanitization on the 'myds' parameter to reject SQL metacharacters and enforce expected input format (e.g., alphanumeric-only if applicable); (3) Refactor the mydetailsstudent.php code to use prepared statements with parameterized queries (e.g., PHP PDO with bound parameters or MySQLi prepared statements) instead of string concatenation. Long-term: update to a patched version of CloudClassroom PHP Project when released by the vendor (version number TBD—check project repository). If the project is unmaintained, migrate to an actively supported classroom management system. No specific patch version is provided in the current intelligence; contact the CloudClassroom vendor or check the official repository (GitHub, SourceForge, etc.) for a patched release. Web Application Firewall (WAF) rules targeting SQL injection patterns (e.g., SLEEP, BENCHMARK, UNION SELECT) can provide temporary detection/blocking until code-level fixes are deployed.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today