VDB-96253 · CVE-2017-20139 · EDB-ID 41155

Itech Movie Portal Script 7.36 /show_news.php id Error sql injection

A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /show_news.php. The manipulation of the argument id with the input AND (SELECT 1222 FROM(SELECT COUNT(*),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) leads to sql injection (Error). The CWE definition for the vulnerability is CWE-89. The weakness was presented 01/25/2017 by Marc Castejon as EDB-ID 41155 as Exploit (Exploit-DB). The advisory is shared at exploit-db.com. This vulnerability is known as CVE-2017-20139. The attack can be launched remotely. Technical details are available. Furthermore, there is an exploit available. The exploit has been disclosed to the public and may be used. The price for an exploit might be around USD $0-$5k at the moment. MITRE ATT&CK project uses the attack technique T1505 for this issue. It is declared as proof-of-concept. It is possible to download the exploit at exploit-db.com. We expect the 0-day to have been worth approximately $0-$5k. A possible mitigation has been published even before and not after the disclosure of the vulnerability.

Field	07/16/2022 17:19	11/04/2022 16:15	11/04/2022 16:23
name	Movie Portal Script	Movie Portal Script	Movie Portal Script
version	7.36	7.36	7.36
file	/show_news.php	/show_news.php	/show_news.php
argument	id	id	id
input_value	AND (SELECT 1222 FROM(SELECT COUNT(),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)	AND (SELECT 1222 FROM(SELECT COUNT(),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)	AND (SELECT 1222 FROM(SELECT COUNT(),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
risk	2	2	2
cvss2_vuldb_basescore	6.0	6.0	6.0
cvss2_vuldb_tempscore	5.1	5.1	5.1
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss3_meta_basescore	6.3	6.3	7.5
cvss3_meta_tempscore	5.7	5.7	7.3
cvss3_vuldb_basescore	6.3	6.3	6.3
cvss3_vuldb_tempscore	5.7	5.7	5.7
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
titleword	Error	Error	Error
date	1485302400 (01/25/2017)	1485302400 (01/25/2017)	1485302400 (01/25/2017)
location	Exploit-DB	Exploit-DB	Exploit-DB
type	Exploit	Exploit	Exploit
url	https://www.exploit-db.com/exploits/41155/	https://www.exploit-db.com/exploits/41155/	https://www.exploit-db.com/exploits/41155/
identifier	EDB-ID 41155	EDB-ID 41155	EDB-ID 41155
person_name	Marc Castejon	Marc Castejon	Marc Castejon
availability	1	1	1
date	1485302400 (01/25/2017)	1485302400 (01/25/2017)	1485302400 (01/25/2017)
publicity	1	1	1
url	https://www.exploit-db.com/exploits/41155/	https://www.exploit-db.com/exploits/41155/	https://www.exploit-db.com/exploits/41155/
developer_name	Marc Castejon	Marc Castejon	Marc Castejon
price_0day	$0-$5k	$0-$5k	$0-$5k
exploitdb	41155	41155	41155
seealso	96254 96255 96256 96257	96254 96255 96256 96257	96254 96255 96256 96257
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_rl	ND	ND	ND
cvss2_vuldb_rc	UR	UR	UR
cvss3_vuldb_e	P	P	P
cvss3_vuldb_rl	X	X	X
cvss3_vuldb_rc	R	R	R
cvss2_vuldb_au	S	S	S
cvss3_vuldb_pr	L	L	L
exploitdb_date	1485302400 (01/25/2017)	1485302400 (01/25/2017)	1485302400 (01/25/2017)
cwe	89 (sql injection)	89 (sql injection)	89 (sql injection)
vendor	Itech	Itech	Itech
cve	CVE-2017-20139	CVE-2017-20139	CVE-2017-20139
responsible	VulDB	VulDB	VulDB
cve_assigned		1657922400 (07/16/2022)	1657922400 (07/16/2022)
cve_nvd_summary		A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /show_news.php. The manipulation of the argument id with the input AND (SELECT 1222 FROM(SELECT COUNT(),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) leads to sql injection (Error). The attack can be launched remotely. The exploit has been disclosed to the public and may be used.	A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /show_news.php. The manipulation of the argument id with the input AND (SELECT 1222 FROM(SELECT COUNT(),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) leads to sql injection (Error). The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			H
cvss3_nvd_a			H
cvss3_cna_av			N
cvss3_cna_ac			L
cvss3_cna_pr			L
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			L
cvss3_cna_i			L
cvss3_cna_a			L
cve_cna			VulDB
cvss3_nvd_basescore			9.8
cvss3_cna_basescore			6.3

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!