CVE-2024-35584

HIGH NUCLEI

OpenSis Community Edition 8.0-9.1 - Authenticated SQL Injection via X-Forwarded-For Header

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-35584. PoCs published by whwhwh96. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2024-35584, an authenticated SQL injection vulnerability in OpenSIS Community Edition 9.1 to 8.0. The vulnerability arises from unsanitized use of the 'X-Forwarded-For' header in SQL queries across multiple files, with proof of concept details and mitigation recommendations.

Description

SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to sanitisation. The application takes arbitrary value from "X-Forwarded-For" header and appends it to a SQL INSERT statement directly, leading to SQL Injection.

Exploits (1)

nomisec WRITEUP 1 stars

by whwhwh96 · poc

https://github.com/whwhwh96/CVE-2024-35584

View Code ZIP pw:eip

This repository provides a detailed technical analysis of CVE-2024-35584, an authenticated SQL injection vulnerability in OpenSIS Community Edition 9.1 to 8.0. The vulnerability arises from unsanitized use of the 'X-Forwarded-For' header in SQL queries across multiple files, with proof of concept details and mitigation recommendations.

Classification

Writeup 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: OpenSIS Community Edition 9.1 to 8.0

Auth required

Prerequisites: Access to OpenSIS application · Ability to send crafted HTTP headers

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

openSIS < 9.1 - SQL Injection

HIGHby s4e-io

Shodan: http.title:"opensis"

FOFA: title="opensis"

References (3)

Core 3

Core References

Product

http://opensis.com

Product

http://os4ed.com

Exploit, Third Party Advisory

https://github.com/whwhwh96/CVE-2024-35584

Scores

CVSS v3 8.8

EPSS 0.0652

EPSS Percentile 92.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-89

Status published

Products (2)

os4ed/opensis 8.0

os4ed/opensis 9.1

Published Oct 15, 2024

Tracked Since Feb 18, 2026