Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-3432 PoC — PuneethReddyHC Event Management register.php sql injection

Source
https://github.com/pamoutaf/CVE-2024-3432
Associated Vulnerability
Title:PuneethReddyHC Event Management register.php sql injection (CVE-2024-3432)
Description:A vulnerability was found in PuneethReddyHC Event Management 1.0. It has been rated as critical. This issue affects some unknown processing of the file /backend/register.php. The manipulation of the argument event_id/full_name/email/mobile/college/branch leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259613 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Readme
# CVE-2024-3432
Tested Product: Datacard XPS Card Printer Driver Version: <= 8.4

Description: The application is prone to Local Privilege Escalation (LPE) vulnerability due to insecure file/folder permissions on its default installation, by which it grants the rights for everyone for full control over the path: C:\ProgramData\Datacard\XPS Card Printer\Service.
Files and folders in the path "C:\ProgramData\Datacard" can be modified by unprivileged users, malicious processes and/or threat actors. Once an admin installs XPS Card Printer, which runs under SYSTEM context, it will invoke the DEVOBJ.dll or CFGMGR32.dll in the directory "C:\ProgramData\Datacard\XPS Card Printer\Service", where a low privileged user can already place a malicious dll upfront and which will not be checked and deleted by the installation. These dlls do not exist and therefore will give NOT FOUND by the application installer. If a malicious user places a dll named DEVOBJ.dll or CFGMGR32.dll within this directory, the setup will inadvertently execute these malicious dll when the service is trying to connect to the card printer, running them with SYSTEM privileges.


Exploit POC:


1- With a low priv user, create the directory "C:\ProgramData\Datacard\XPS Card Printer\Service" and throw a desired DLL and rename it to DEVOBJ.dll or CFGMGR32.dll

2- With an Administrator, proceed to install the driver as normal.

3- The DLL payload will be executed as SYSTEM.
File Snapshot

 [4.0K]  /data/pocs/f58520ab2d6ff77f49ff8fc88c09c112f565e40f
└── [1.4K]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →