CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
4.9 | $0-$5k | 0.00 |
A vulnerability, which was classified as problematic, has been found in phpCollab CMS 2.5 (Content Management System). Affected by this issue is some unknown processing of the file /phpcollab/users/emailusers.php. The manipulation of the argument id
with an unknown input leads to a unknown weakness. The impact remains unknown.
The weakness was published 08/08/2016 by Benjamin Kunz Mejri with Vulnerability Lab as 1898 as not defined mailinglist post (Full-Disclosure). The advisory is shared for download at seclists.org. Technical details as well as a public exploit are known.
After immediately, there has been an exploit disclosed. The exploit is available at seclists.org. It is declared as proof-of-concept. By approaching the search of inurl:phpcollab/users/emailusers.php it is possible to find vulnerable targets with Google Hacking. The code used by the exploit is:
http://phpcollab.localhost:8080/phpcollab/users/emailusers.php?id=1'[SQL-INJECTION VULNERABILITY!]&&PHPSESSID=ghtu76jt276nji04lua07930t5
The best possible mitigation is suggested to be Workaround. The mailinglist post contains the following remark:
The vulnerability can be patched by usage of a prepared statement in the emailusers.php file GET method request. Disallow special chars and escape the input and outpit context entries to prevent further sql-injection attacks.
vulnerability-lab.com is providing further details.
Product
Type
Vendor
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.3VulDB Meta Temp Score: 4.9
VulDB Base Score: 5.3
VulDB Temp Score: 4.9
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Local Privilege EscalationCWE: Unknown
ATT&CK: Unknown
Local: Yes
Remote: No
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Download: 🔍
Google Hack: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: WorkaroundStatus: 🔍
0-Day Time: 🔍
Exploit Delay Time: 🔍
Timeline
08/08/2016 🔍08/08/2016 🔍
08/17/2016 🔍
03/28/2019 🔍
Sources
Advisory: 1898Researcher: Benjamin Kunz Mejri
Organization: Vulnerability Lab
Status: Not defined
scip Labs: https://www.scip.ch/en/?labs.20161013
Misc.: 🔍
Entry
Created: 08/17/2016 12:53Updated: 03/28/2019 15:19
Changes: 08/17/2016 12:53 (47), 03/28/2019 15:19 (1)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.