Vulners
Lucene search
BEIMS ContractorWeb 5.18.0.0 SQL Injection
🗓️ 20 Dec 2017 00:00:00Reported by Rajwinder SinghType 
packetstorm🔗 packetstormsecurity.com👁 40 Views
| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
 | BEIMS ContractorWeb 5.18.0.0 - SQL Injection Vulnerability | 20 Dec 201700:00 | – | zdt |
 | ZUUSE BEIMS ContractorWeb .NET SQL Injection Vulnerability | 20 Dec 201700:00 | – | cnvd |
 | CVE-2017-17721 | 18 Dec 201716:00 | – | cve |
 | CVE-2017-17721 | 18 Dec 201716:00 | – | cvelist |
 | BEIMS ContractorWeb 5.18.0.0 - SQL Injection | 20 Dec 201700:00 | – | exploitdb |
 | EUVD-2017-8877 | 7 Oct 202500:30 | – | euvd |
 | BEIMS ContractorWeb 5.18.0.0 - SQL Injection | 20 Dec 201700:00 | – | exploitpack |
 | CVE-2017-17721 | 18 Dec 201716:29 | – | nvd |
 | CVE-2017-17721 | 18 Dec 201716:29 | – | osv |
 | Sql injection | 18 Dec 201716:29 | – | prion |
10
`# Exploit Title: SQL Injection
# Date: 18 December, 2017
# Exploit Author: Rajwinder Singh
# Vendor Homepage: http://www.beims.com/products/
# Software Link: http://www.beims.com/optional-modules/#ccw
# Version: BEIMS ContractorWeb .NET System 5.18.0.0
# CVE : 2017-17721
Vulnerability Details:
======================
WEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter.
Impact:
======================
1. Database compromise
2. Server compromise
3. Application defacement
4. Internal network access and exploitation.
Proof-of-Concept:
====================
1. Injected SQL injection payload under page "/CWEBNET/WOSummary/List" in post parameter 'tradestatus' and received SQL error response from server.
2. Saved request in the text file to run automated SQLmap tool for further enumeration and successfully dumped full database which will not be disclosed.
Affected Component:
====================
URL: www.domain.com/CWEBNET/WOSummary/List
post parameters: tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, workorderstatus
Disclosure Timeline:
=====================
Mitre Notification: 18 December, 2017
Public Disclosure: 18 December, 2017
Exploitation Technique:
=======================
Remote
Severity Level:
================
Critical
Description:
=====================================================
Request Method(s): [+] POST
Vulnerable Product: [+] BEIMS ContractorWeb .NET System 5.18.0.0
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
20 Dec 2017 00:00Current
0.2Low risk
Vulners AI Score0.2
EPSS0.06936