CVE-2024-13979

CRITICAL EXPLOITED NUCLEI

St. Joe ERP System - Unauthenticated SQL Injection via Login Endpoint

Title source: llm

Exploitation Summary

CVE-2024-13979 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.

Description

A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login endpoint. The application fails to properly sanitize user-supplied input before incorporating it into SQL queries, enabling direct manipulation of the backend database. Successful exploitation may result in unauthorized data access, modification of records, or limited disruption of service. An affected version range is undefined. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-04-14 UTC.

Nuclei Templates (1)

St. Joe ERP system - SQL Injection

CRITICALby DhiyaneshDK

FOFA: 圣乔ERP系统

References (4)

Core 4

Core References

Exploit technical-description exploit

https://blog.csdn.net/qq_41904294/article/details/144240396

Exploit exploit

https://github.com/adysec/POC/blob/main/wpoc/%E5%9C%A3%E4%B9%94ERP/%E5%9C%A3%E4%B9%94ERP%E7%B3%BB%E7%BB%9FSingleRowQueryConvertor%E5%AD%98%E5%9C%A8SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md

View Exploit ZIP pw:eip

Product product

https://en.fofa.info/result?qbase64=5Zyj5LmURVJQ57O757uf

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/st-joes-erp-system-sqli

Scores

CVSS v3 9.8

EPSS 0.0290

EPSS Percentile 85.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

VulnCheck KEV 2025-04-14

CWE

CWE-89

Status published

Products (1)

st._joe_erp_system_project/st._joe_erp_system

Published Aug 27, 2025

Tracked Since Feb 18, 2026