OpenBB index.php CID Parameter SQL Injection

high Nessus Plugin ID 11550

Synopsis

The remote web server has an application that is affected by a SQL injection vulnerability.

Description

The remote host seems to be running OpenBB, a forum management system.

A bug allows an attacker to inject SQL commands by passing a single quote (') in the CID argument of index.php, as in: GET /index.php?CID='<sql query>

An attacker may use this flaw to gain credentials or to modify your database.
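A defender-side check for the request pattern described above, as an added example that is not part of the Nessus plugin or of OpenBB: it scans web access logs for index.php requests whose CID value contains a single quote, raw or percent-encoded. The Apache combined log format and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample lines (Apache combined format, documentation IPs); not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [26/Apr/2003:10:00:01 +0000] "GET /index.php?CID=3 HTTP/1.0" 200 5120 "-" "-"',
    '192.0.2.44 - - [26/Apr/2003:10:00:07 +0000] "GET /index.php?CID=%27 HTTP/1.0" 200 312 "-" "-"',
    '192.0.2.44 - - [26/Apr/2003:10:00:09 +0000] "GET /forum/index.php?CID=%2527 HTTP/1.0" 200 312 "-" "-"',
    '192.0.2.10 - - [26/Apr/2003:10:00:12 +0000] "GET /read.php?TID=12&note=it%27s HTTP/1.0" 200 900 "-" "-"',
    '192.0.2.10 - - [26/Apr/2003:10:00:15 +0000] "POST /index.php HTTP/1.0" 200 100 "-" "-"',
]

# Client address and request target from the quoted request line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def cid_values(target):
    """Return the CID query values of a request to index.php (decoded once)."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith("/index.php"):
        return []
    return [v for k, v in parse_qsl(parts.query, keep_blank_values=True) if k == "CID"]

def has_quote(value, max_rounds=3):
    """True if value holds a single quote, also after repeated percent-decoding."""
    for _ in range(max_rounds):
        if "'" in value:
            return True
        decoded = unquote(value)
        if decoded == value:   # nothing left to decode
            return False
        value = decoded
    return "'" in value

def suspicious_requests(lines):
    """List (client, target) pairs where CID on index.php carries a quote."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        if any(has_quote(v) for v in cid_values(target)):
            hits.append((client, target))
    return hits

if __name__ == "__main__":
    for client, target in suspicious_requests(SAMPLE_LOG):
        print(f"{client}  {target}")
```

Access logs record only the query string, so a CID value sent in a POST body is not visible to this check.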

Solution

If the remote host is running OpenBB, upgrade to the latest version.

Plugin Details

Severity: High

ID: 11550

File Name: openbb_sql_injection.nasl

Version: 1.21

Type: remote

Family: CGI abuses

Published: 4/26/2003

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 4/25/2003

Reference Information

BID: 7401