CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
47.1%
PHP Address Book web application is vulnerable to multiple sqli injection vulnerabilities.
CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
PHP Address Book 8.2.5 and possibly older versions fail to sanitize input from multiple functions.
<http://www.example.com/addressbook/register/checklogin.php?username=>``{insert}&password=pass ``<http://www.example.com/addressbook/register/admin_index.php?q=>``{insert} ``<http://www.example.com/addressbook/register/delete_user.php?id=>``{insert} ``<http://www.example.com/addressbook/register/edit_user.php?id=>``{insert}
Additional information on vulnerable functions can be found at Acadion Security advisory.
A remote unauthenticated attacker may be able to run a subset of SQL commands against the back-end database.
We are currently unaware of a practical solution to this problem.
Restrict access
As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent SQLi attacks since the attack comes as an SQL request from a legitimate user’s host. Restricting access would prevent an attacker from accessing a web interface using stolen credentials from a blocked network location.
183692
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: April 03, 2013
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Group | Score | Vector |
---|---|---|
Base | 9 | AV:N/AC:L/Au:N/C:C/I:P/A:P |
Temporal | 6.5 | E:U/RL:W/RC:UC |
Environmental | 1.7 | CDP:L/TD:L/CR:ND/IR:ND/AR:ND |
Thanks to Jurgen Voorneveld of Acadion Security for reporting this vulnerability.
This document was written by Michael Orlando.
CVE IDs: | CVE-2013-0135 |
---|---|
Date Public: | 2013-04-05 Date First Published: |