PT-2012-2123 · Open Business Management · Open Business Management
Published 2012-08-31 · Updated 2017-08-29 · CVE-2011-5145
CVSS v2.0 5.5 Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Open Business Management versions 2.4.0-rc13 and earlier
Description
The vulnerability allows remote authenticated users to execute arbitrary SQL commands via several parameters in different PHP files, including the sel_domain_id or action parameter to "obm.php", the tf_user parameter in a search action to "group/group_index.php", and multiple parameters to "host/host_index.php" and "settings/settings_index.php". The parameters to "settings/settings_index.php" include lang, theme, cal_alert, cal_first_hour, cal_interval, cal_last_hour, commentorder, csv_sep, date, date_upd, debug_exe, debug_id, debug_param, debug_sess, debug_solr, debug_sql, dsrc, menu, rows, sel_display_days, timeformat, timezone, and todo.
Recommendations
For Open Business Management versions 2.4.0-rc13 and earlier, consider disabling the vulnerable parameters to prevent exploitation until a patch is available. Specifically, restrict access to the parameters sel_domain_id, action, tf_user, tf_delegation, tf_ip, tf_name, lang, theme, cal_alert, cal_first_hour, cal_interval, cal_last_hour, commentorder, csv_sep, date, date_upd, debug_exe, debug_id, debug_param, debug_sess, debug_solr, debug_sql, dsrc, menu, rows, sel_display_days, timeformat, timezone, and todo in the respective PHP files.
Exploit
Fix
SQL injection
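To illustrate the bug class described above and the mitigation the recommendation calls for, here is an added PHP example that is not OBM's own code: a settings handler in the vulnerable form beside a hardened one. The table name user_pref, the column user_id and the per-parameter format rules are assumptions chosen for illustration.

```php
<?php
// Added example, not OBM's own code. The table and column names (user_pref, user_id)
// and the per-parameter formats are assumptions chosen for illustration.

// Vulnerable pattern as the advisory describes it: request values spliced into the SQL
// text, so a quote in theme or lang alters the statement instead of being stored as data.
function saveSettingsUnsafe(PDO $db, int $userId, array $req): void
{
    $db->exec("UPDATE user_pref SET theme = '{$req['theme']}', lang = '{$req['lang']}'"
            . " WHERE user_id = $userId");
}

// Hardened form: allow-list of accepted parameters, a strict format for each, and values
// passed only as bound parameters. Unknown parameters are dropped; malformed ones are refused.
const SETTINGS_RULES = [
    'lang'             => '/^[a-z]{2}(_[A-Z]{2})?$/',
    'theme'            => '/^[A-Za-z0-9_-]{1,32}$/',
    'cal_first_hour'   => '/^([01]?\d|2[0-3])$/',
    'cal_last_hour'    => '/^([01]?\d|2[0-3])$/',
    'rows'             => '/^[1-9]\d{0,2}$/',
    'sel_display_days' => '/^[0-7]$/',
    'timezone'         => '/^[A-Za-z_]+(\/[A-Za-z_+-]+)*$/',
];

function validateSettings(array $req): array
{
    $clean = [];
    foreach (SETTINGS_RULES as $name => $pattern) {
        if (!array_key_exists($name, $req)) continue;
        if (!is_string($req[$name]) || !preg_match($pattern, $req[$name])) {
            throw new InvalidArgumentException("rejected value for parameter '$name'");
        }
        $clean[$name] = $req[$name];
    }
    return $clean;
}

function saveSettingsSafe(PDO $db, int $userId, array $req): int
{
    $clean = validateSettings($req);
    if ($clean === []) return 0;
    // Column names come from the allow-list keys above, never from the request.
    $set  = implode(', ', array_map(fn($n) => "$n = :$n", array_keys($clean)));
    $stmt = $db->prepare("UPDATE user_pref SET $set WHERE user_id = :uid");
    foreach ($clean as $name => $value) {
        $stmt->bindValue(":$name", $value);
    }
    $stmt->bindValue(':uid', $userId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}
```

The same treatment applies to sel_domain_id and action on obm.php and to tf_user, tf_delegation, tf_ip and tf_name in the search actions: cast numeric inputs with (int), match names against a fixed set, and bind everything else as a parameter.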
Weakness Enumeration
Related identifiers
Affected products
Open Business Management