CHT Security SOC Discovered Vulnerability in an Online Security Guard Hiring System Platform

Summary

Vulnerability List

[CVE-2023-36119, CVE-2023-39551, CVE-2023-39552] – File upload, SQL Injection, XSS vulnerabilities



Details

1. SQL Injection, XSS, File upload vulnerabilities

Description

A foreign open-source online security guard hiring system platform was found to have SQL Injection, XSS, and File upload vulnerabilities.

Impact

The platform consists of separate administrator and general user frontend pages, both of which were found to be exploitable by attackers. The vulnerabilities are SQL injection, XSS, and file upload. Although the file upload feature restricts the file types allowed for upload, attackers can still bypass these restrictions by adding 'GIF89a' at the beginning of the webshell content and by modifying the file extension, successfully exploiting the upload vulnerability. Exploiting the SQL injection vulnerability requires encoding or escaping certain keywords to bypass the checks in place. Additionally, multiple instances of XSS are present in the platform, allowing attackers to execute successful attacks using simple syntax.
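A defensive sketch for the upload bypass described above (an added example, not code from the affected platform or from CHT Security): it contrasts a check that trusts only the 'GIF89a' prefix with one that parses the full GIF block structure, checks the extension against an allowlist, and stores the file under a server-generated name. The function names, the GIF-only allowlist and the sample bytes are assumptions constructed for illustration.

```python
import os
import secrets
import struct
ALLOWED_EXT = {".gif"}  # assumption: this upload field should accept GIF only

def prefix_only_check(data: bytes) -> bool:
    return data[:6] in (b"GIF87a", b"GIF89a")  # weak: "GIF89a" + anything passes

def _skip_sub_blocks(data: bytes, pos: int) -> int:
    """Walk length-prefixed sub-blocks up to the zero-length terminator."""
    while True:
        size = data[pos]  # IndexError (caught by caller) if truncated
        pos += 1 + size
        if size == 0:
            return pos

def gif_is_well_formed(data: bytes) -> bool:
    """Parse the whole GIF block structure; reject anything that does not fit."""
    try:
        width, height, flags = struct.unpack_from("<HHB", data, 6)
        if not (prefix_only_check(data) and width and height):
            return False
        pos = 13 + (3 * (2 << (flags & 7)) if flags & 0x80 else 0)
        frames = 0
        while True:
            block, pos = data[pos], pos + 1
            if block == 0x3B:    # trailer: must be the final byte of the file
                return frames > 0 and pos == len(data)
            if block == 0x21:    # extension: label byte, then sub-blocks
                pos = _skip_sub_blocks(data, pos + 1)
            elif block == 0x2C:  # image descriptor (9 bytes), then pixel data
                iflags = data[pos + 8]
                pos += 9 + (3 * (2 << (iflags & 7)) if iflags & 0x80 else 0)
                pos = _skip_sub_blocks(data, pos + 1)  # +1 skips LZW code size
                frames += 1
            else:
                return False
    except (IndexError, struct.error):
        return False

def accept_upload(client_name: str, data: bytes):
    """Return a server-generated storage name, or None when rejected."""
    ext = os.path.splitext(client_name)[1].lower()
    ok = ext in ALLOWED_EXT and gif_is_well_formed(data)
    return secrets.token_hex(16) + ".gif" if ok else None  # never the client's name

TINY_GIF = (b"GIF89a\x01\x00\x01\x00\x80\x00\x00\xff\xff\xff\x00\x00\x00"
            b"\x2c\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x02\x44\x01\x00\x3b")  # constructed 1x1 GIF
FAKE_GIF = b"GIF89a" + b"<constructed non-image text>"  # constructed prefix-only fake
```

Structural validation alone does not make an upload safe to serve; uploads should also be stored where the server never executes them.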

Known Affected Software

  • Version 1.0

Credits

  • Noflag (CHT Security)