Meeting Room Booking System typematch Parameter SQL Injection

High | Nessus Plugin ID 50002

Synopsis

A PHP script hosted on the remote web server is affected by a SQL injection vulnerability.

Description

The remote Meeting Room Booking System install is affected by a SQL injection vulnerability because its 'report.php' script does not properly sanitize input to the 'typematch[]' parameter before using it in a database query.

An attacker is able to obtain or modify data in the Meeting Room Booking System database.

Note that PHP's 'magic_quotes_gpc' setting may need to be disabled to successfully exploit this vulnerability.
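As an added illustration (not MRBS's own code), a hypothetical PHP report page that accepts an array parameter like 'typematch[]': the string-concatenation pattern behind this bug class next to a version that validates each element and binds it as a query parameter. The table name, column names and single-letter type codes are assumptions.

```php
<?php
// Vulnerable pattern: array elements are spliced straight into the SQL text.
// A quote inside any element ends the string literal and the remainder of that
// element is parsed as SQL. magic_quotes_gpc used to escape quotes in request
// input, which is why exploitation may require it disabled; the directive was
// removed in PHP 5.4, so it is not a defense on any supported PHP.
function buildReportSqlVulnerable(array $typematch): string
{
    return "SELECT name, type FROM entry WHERE type IN ('"
        . implode("', '", $typematch) . "')";
}

// Hardened pattern: reject anything that is not a non-empty array of strings,
// check each element against the legal shape of a type code, then bind every
// element as a parameter so it can never be interpreted as SQL.
function fetchReportRows(PDO $db, $typematch): array
{
    if (!is_array($typematch) || $typematch === []) {
        return [];
    }
    foreach ($typematch as $t) {
        // Assumption for this illustration: type codes are single capital letters.
        if (!is_string($t) || !preg_match('/^[A-Z]$/', $t)) {
            throw new InvalidArgumentException('invalid typematch value');
        }
    }
    $placeholders = implode(', ', array_fill(0, count($typematch), '?'));
    $stmt = $db->prepare("SELECT name, type FROM entry WHERE type IN ($placeholders)");
    $stmt->execute(array_values($typematch));
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data in an in-memory SQLite database so this runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE entry (name TEXT, type TEXT)");
$db->exec("INSERT INTO entry VALUES ('Standup', 'I'), ('Board', 'E'), ('Training', 'I')");

// Normal request: two rows of type 'I'.
print_r(fetchReportRows($db, ['I']));

// Same element with a stray quote: the vulnerable builder emits broken SQL,
// the hardened function refuses the input before any query is built.
echo buildReportSqlVulnerable(["I'"]), "\n";
try {
    fetchReportRows($db, ["I'"]);
} catch (InvalidArgumentException $e) {
    echo "rejected: ", $e->getMessage(), "\n";
}
```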

Solution

Update to version 1.4.2 or later.

See Also

http://www.nessus.org/u?8a4d346e

Plugin Details

Severity: High

ID: 50002

File Name: mrbs_typematch_parameter_sqli.nasl

Version: 1.9

Type: remote

Family: CGI abuses

Published: 10/18/2010

Updated: 6/1/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: www/PHP, www/mrbs

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/15/2009

Vulnerability Publication Date: 7/15/2009

Reference Information

CVE: CVE-2009-3533

BID: 43550

CWE: 89

Secunia: 35469