CVE-2024-40073
Description
SQL injection in Sourcecodester Online ID Generator System 1.0 allows authenticated admin users to execute arbitrary SQL via the template parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The SQL injection vulnerability exists in the id_generator/admin/generate/index.php file of Sourcecodester Online ID Generator System version 1.0. The template GET parameter is directly concatenated into a SQL query without any sanitization or parameterization: SELECT * FROM id_format where id = '{$_GET['template']}'. The vulnerable page is located at /admin/?page=generate&template=4 and requires prior authentication as an admin user to access [1].
Exploitation
An attacker with valid admin credentials can exploit this vulnerability by sending a crafted template parameter to the vulnerable URL. The reference demonstrates boolean-based blind SQL injection using sqlmap, where different responses are returned based on the truth of injected conditions. For example, injecting 4' and '1'='1 yields a normal response, while 4' and '1'='2 yields a different response, confirming the injection point [1].
Impact
Successful exploitation allows an attacker to execute arbitrary SQL queries against the database. This can lead to disclosure of sensitive information such as user credentials, generated IDs, and other database contents. The attacker can also potentially modify or delete data, though the primary impact is information disclosure. The reference shows extraction of the current database name using sqlmap [1].
Mitigation
As of the publication date (2025-04-16), no official patch has been released by Sourcecodester for Online ID Generator System version 1.0. Users should implement input validation and use parameterized queries (prepared statements) to prevent SQL injection. Additionally, restrict access to the admin panel to trusted users and monitor for suspicious activity. This CVE is not listed in the CISA Known Exploited Vulnerabilities catalog [1].
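The concatenation described under Vulnerability and the prepared-statement fix recommended above, shown side by side as an added example. This is not code from the Online ID Generator System or its author: it assumes an in-memory SQLite database through PDO in place of the application's MySQL backend, and the id_format columns, the sample rows and the function names lookupTemplateVulnerable and lookupTemplateSafe are constructed for the demonstration.

```php
<?php
// Added example, not code from Sourcecodester Online ID Generator System.
// It reproduces the concatenation pattern the write-up attributes to
// id_generator/admin/generate/index.php and sets a parameterized version
// beside it. An in-memory SQLite database via PDO stands in for the real
// MySQL backend; table columns, rows and function names are assumed.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE id_format (id INTEGER PRIMARY KEY, name TEXT)");
$pdo->exec("INSERT INTO id_format (id, name) VALUES (4, 'Employee card'), (5, 'Visitor badge')");

// Vulnerable pattern: the request value is spliced into the SQL text, so a
// quote in $template closes the literal and the rest is parsed as SQL.
function lookupTemplateVulnerable(PDO $pdo, string $template): int
{
    $sql = "SELECT * FROM id_format where id = '{$template}'";
    return count($pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC));
}

// Hardened pattern: the value is first checked against the integer shape the
// column expects, then bound as a parameter so it can never become SQL text.
function lookupTemplateSafe(PDO $pdo, string $template): int
{
    if (preg_match('/^\d+$/', $template) !== 1) {
        return 0; // not a plain numeric id: refuse without touching the database
    }
    $stmt = $pdo->prepare("SELECT * FROM id_format WHERE id = :id");
    $stmt->execute([':id' => (int) $template]);
    return count($stmt->fetchAll(PDO::FETCH_ASSOC));
}

// The three inputs below are the plain id from the write-up's URL and the two
// boolean-based probes quoted in the Exploitation section. The concatenated
// query answers the true and false conditions differently, which is the
// observable gap blind injection measures; the parameterized version gives
// the same answer to both because neither reaches the query.
$inputs = [
    ['plain id',        '4'],
    ['true condition',  "4' and '1'='1"],
    ['false condition', "4' and '1'='2"],
];
foreach ($inputs as [$label, $value]) {
    printf("%-16s vulnerable=%d safe=%d\n",
        $label, lookupTemplateVulnerable($pdo, $value), lookupTemplateSafe($pdo, $value));
}
```

Run it with `php example.php` on a build that has the pdo_sqlite extension. The prepared statement on its own is what removes the injection; the regular-expression check in front of it is a separate allow-list step that rejects malformed ids early and gives a convenient place to log attempts like the probes above.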
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- (no CPE)
- (no CPE), version range: =1.0
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References (1)
News mentions
No linked articles in our index yet.