PT-2012-2123 · Open Business Management
Published: 2012-08-31 · Updated: 2017-08-29
CVE-2011-5145
CVSS v2.0: 5.5 (Medium)
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Open Business Management versions 2.4.0-rc13 and earlier
Description
The issue allows remote authenticated users to execute arbitrary SQL commands. Several parameters in different PHP files are affected: the sel_domain_id or action parameter to "obm.php", the tf_user parameter in a search action to "group/group_index.php", and multiple parameters to "host/host_index.php" and "settings/settings_index.php". The affected parameters to "settings/settings_index.php" are lang, theme, cal_alert, cal_first_hour, cal_interval, cal_last_hour, commentorder, csv_sep, date, date_upd, debug_exe, debug_id, debug_param, debug_sess, debug_solr, debug_sql, dsrc, menu, rows, sel_display_days, timeformat, timezone, and todo.
Recommendations
For Open Business Management versions 2.4.0-rc13 and earlier, consider disabling the vulnerable parameters to prevent exploitation until a patch is available. Specifically, restrict access to the parameters sel_domain_id, action, tf_user, tf_delegation, tf_ip, tf_name, lang, theme, cal_alert, cal_first_hour, cal_interval, cal_last_hour, commentorder, csv_sep, date, date_upd, debug_exe, debug_id, debug_param, debug_sess, debug_solr, debug_sql, dsrc, menu, rows, sel_display_days, timeformat, timezone, and todo in the respective PHP files.
Exploit
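Until the affected installation is patched, a defender will want to know whether any of the named parameters are already being sent with SQL metacharacters. The following script is an added example, not part of this advisory and not OBM project code: it scans web server access log lines in the common combined format for requests to the four PHP files named above and flags the listed parameters when their values contain quotes, comment markers or SQL keywords. The endpoint and parameter names are taken from the advisory (with underscores restored); the log format, the install prefix (/obm/), the log lines themselves and the metacharacter heuristic are constructed assumptions for the example.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Affected endpoints and parameters as listed in the advisory text.
AFFECTED = {
    "obm.php": {"sel_domain_id", "action"},
    "group/group_index.php": {"tf_user"},
    "host/host_index.php": {"tf_delegation", "tf_ip", "tf_name", "tf_user"},
    "settings/settings_index.php": {
        "lang", "theme", "cal_alert", "cal_first_hour", "cal_interval",
        "cal_last_hour", "commentorder", "csv_sep", "date", "date_upd",
        "debug_exe", "debug_id", "debug_param", "debug_sess", "debug_solr",
        "debug_sql", "dsrc", "menu", "rows", "sel_display_days",
        "timeformat", "timezone", "todo",
    },
}

# Combined log format (assumed): client ident user [time] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Heuristic: a quote, statement separator, comment marker or SQL verb has no
# business in these values. Tune for the deployment; it is a triage aid, not proof.
SUSPICIOUS = re.compile(
    r"""['"`;]|--|/\*|\b(union|select|insert|update|delete)\b""", re.IGNORECASE
)

# Constructed sample log (not real traffic); the second and fourth lines carry
# a stray quote / comment marker in an advisory-listed parameter.
SAMPLE_LOG = """\
198.51.100.7 - alice [31/Aug/2012:10:01:02 +0000] "GET /obm/obm.php?action=index&sel_domain_id=3 HTTP/1.1" 200 5120
198.51.100.7 - alice [31/Aug/2012:10:01:09 +0000] "GET /obm/obm.php?action=index&sel_domain_id=3%27 HTTP/1.1" 200 5120
203.0.113.4 - bob [31/Aug/2012:10:02:15 +0000] "GET /obm/group/group_index.php?action=search&tf_user=smith HTTP/1.1" 200 2048
203.0.113.4 - bob [31/Aug/2012:10:02:20 +0000] "GET /obm/settings/settings_index.php?lang=en%27-- HTTP/1.1" 500 312
192.0.2.9 - - [31/Aug/2012:10:03:00 +0000] "GET /obm/images/logo.png HTTP/1.1" 200 8000
"""


def parse_line(line):
    """Split one combined-format log line into its fields, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def affected_params(target):
    """Return (endpoint, {param: value}) for advisory-listed parameters in the
    request target, or None when the path is not one of the affected files."""
    parts = urlsplit(target)
    path = parts.path.lstrip("/")
    for endpoint, params in AFFECTED.items():
        # Tolerate an install prefix such as /obm/ in front of the script path.
        if path == endpoint or path.endswith("/" + endpoint):
            query = parse_qsl(parts.query, keep_blank_values=True)  # also URL-decodes
            return endpoint, {k: v for k, v in query if k in params}
    return None


def scan(lines):
    """Return one finding per advisory-listed parameter whose value looks like SQL."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if not rec:
            continue
        ep = affected_params(rec["target"])
        if not ep:
            continue
        endpoint, found = ep
        for name, value in found.items():
            if SUSPICIOUS.search(value):
                hits.append({
                    "time": rec["time"], "client": rec["client"], "user": rec["user"],
                    "endpoint": endpoint, "param": name, "value": value,
                })
    return hits


if __name__ == "__main__":
    for h in scan(SAMPLE_LOG.splitlines()):
        print(f'{h["time"]} {h["client"]} user={h["user"]} {h["endpoint"]} {h["param"]}={h["value"]!r}')
```

The scan only sees parameters that travel in the query string; values submitted in a POST body (which is how the settings and host forms may well be sent) never reach the access log, so for those endpoints the check needs request-body logging at the proxy or application layer. Because the vulnerability requires an authenticated user, the `user` field is the most useful pivot for follow-up.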
Fix
SQL injection
Weakness Enumeration
Related Identifiers
Affected Products
Open Business Management