ExoPHPDesk faq.php id Parameter SQL Injection

medium Nessus Plugin ID 24267

Language:

Synopsis

The remote web server contains a PHP application that is prone to SQL injection attacks.

Description

The remote host is running Exo PHPDesk, a helpdesk application written in PHP.

The version of Exo PHPDesk on the remote host fails to properly sanitize input to the 'id' parameter of the 'faq.php' script before using it in database queries. Provided PHP's 'magic_quotes_gpc' setting is disabled, an unauthenticated, remote attacker can leverage this issue to launch SQL injection attacks against the affected application, leading to discovery of sensitive information, attacks against the underlying database, and the like.

Solution

Unknown at this time.

Plugin Details

Severity: Medium

ID: 24267

File Name: exophpdesk_id_sql_injection.nasl

Version: 1.23

Type: remote

Family: CGI abuses

Published: 2/1/2007

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1/31/2007

Reference Information

CVE: CVE-2007-0676

BID: 22338

Detections

Analytics