CVE-2020-37156
Description
BloodX 1.0 contains an authentication bypass vulnerability in login.php that allows attackers to access the dashboard without valid credentials. Attackers can exploit the vulnerability by sending a crafted payload with '=''or' parameters to bypass login authentication and gain unauthorized access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
BloodX 1.0 contains an authentication bypass vulnerability in login.php allowing attackers to access the dashboard without credentials by sending a crafted payload.
Vulnerability
Overview
BloodX 1.0, a PHP-based blood bank management system, suffers from an authentication bypass vulnerability in its login.php file. The root cause is that the submitted email and password are concatenated into the authentication query without validation or parameterization, so an attacker can inject SQL that manipulates the query. Submitting the payload '=''or' for both the email and password fields turns each comparison into an expression of the form email=''=''or'' (parsed as (email='')='' OR ''), which evaluates to true for every row on databases that coerce the empty string to 0 in a numeric comparison, as MySQL does. Every user record then matches, the credential check is bypassed, and the application typically logs the attacker in as the first user returned [1][2].
Exploitation
Details
The attack requires no prior authentication and can be performed over the network. An attacker sends a POST request to the login endpoint with the crafted parameters. The exploit is publicly available and trivial to execute, as demonstrated in a proof-of-concept on Exploit-DB [2]. The vulnerability is classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel) with a CVSS v4 score of 6.5 (Medium) [3].
Impact
Successful exploitation grants an attacker unauthorized access to the BloodX dashboard. Depending on the application's configuration, this could expose sensitive data such as donor and recipient information, blood inventory, and administrative functions. The project is still under development and may be used in testing or production environments, increasing the risk of data compromise.
Mitigation
Status
As of the publication date, no official patch has been released for this vulnerability. The GitHub repository indicates the project is under development and not yet launched [1]. Users are advised to avoid deploying BloodX in production until a fix is applied. Using parameterized queries (prepared statements) for the login lookup, and verifying the submitted password against a stored hash in application code rather than comparing it inside the SQL statement, would remove the injection point and mitigate the issue.
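The following login.php sketch is an added illustration of the vulnerable pattern described in the Overview beside the parameterized, hash-verified form recommended above. It is not BloodX's own code: the table and column names (users, email, password_hash), the database credentials, and the assumption of a MySQL backend via mysqli are all placeholders for demonstration.

```php
<?php
// Added illustration for CVE-2020-37156, not BloodX's own code.
// Assumptions: MySQL via mysqli, a `users` table with `email` and
// `password_hash` columns, and placeholder connection credentials.

// --- Vulnerable pattern: untrusted input concatenated into the query -------
function vulnerable_login(mysqli $db, string $email, string $password): ?array
{
    // With email = password = '=''or' the query text becomes
    //   SELECT * FROM users WHERE email=''=''or'' AND password=''=''or''
    // which MySQL parses as
    //   ((email='')='') OR ('' AND ((password='')='')) OR ''
    // (email='') is 0 for every real row, and 0='' is true because MySQL
    // casts '' to 0 for the numeric comparison, so every row matches and
    // the first user returned (often the admin) is logged in.
    $sql = "SELECT * FROM users WHERE email='$email' AND password='$password'";
    $res = $db->query($sql);
    return $res ? ($res->fetch_assoc() ?: null) : null;
}

// --- Hardened pattern: prepared statement plus password_verify() -----------
function safe_login(mysqli $db, string $email, string $password): ?array
{
    // The email travels as a bound parameter, never as SQL text, so the
    // '=''or' payload is compared literally against the column.
    $stmt = $db->prepare(
        'SELECT id, email, password_hash FROM users WHERE email = ? LIMIT 1'
    );
    $stmt->bind_param('s', $email);
    $stmt->execute();
    $user = $stmt->get_result()->fetch_assoc();   // requires mysqlnd
    $stmt->close();

    // The password is checked in PHP against a password_hash() value, so no
    // password text ever reaches the SQL engine.
    if (!$user || !password_verify($password, $user['password_hash'])) {
        return null;
    }
    unset($user['password_hash']);
    return $user;
}

// --- Request handling for login.php ---------------------------------------
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
session_start();
$db = new mysqli('localhost', 'bloodx', 'secret', 'bloodx'); // placeholder
$db->set_charset('utf8mb4');

$email    = $_POST['email']    ?? '';
$password = $_POST['password'] ?? '';

$user = safe_login($db, $email, $password);
if ($user === null) {
    http_response_code(401);
    echo 'Invalid email or password';
    exit;
}
session_regenerate_id(true);        // new session id after authentication
$_SESSION['user_id'] = $user['id'];
header('Location: dashboard.php');
exit;
```

To confirm whether a deployment is affected, submit the page's payload in both fields (`email='=''or'&password='=''or'` as a POST body to login.php) and check whether the response redirects to the dashboard; against the prepared-statement version the same request returns 401 because the literal string '=''or' matches no email.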
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0 (no patches discovered yet)
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References: 2
News mentions: 0 (no linked articles in our index yet)