PT-2015-7513 · K2+1 · K2 Blackpearl+3
Published 2015-10-21 · Updated 2021-03-31 · CVE-2015-7299
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
K2 blackpearl version 4.6.7
K2 smartforms version 4.6.7
K2 for SharePoint version 4.6.7
Description
The issue allows remote attackers to execute arbitrary SQL commands via the xml parameter in the Runtime/Runtime/AjaxCall.ashx file. This can be exploited by sending malicious input to the affected endpoint.
Recommendations
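As an added example (not part of the advisory and not code from K2), the following Python script scans log lines for requests to the Runtime/Runtime/AjaxCall.ashx endpoint named above whose xml parameter carries SQL syntax instead of plain XML. The sample log lines, the simplified W3C-style field layout and the indicator list are constructed for illustration; the script assumes the xml parameter is visible in the logged query string, which is not the case for POST bodies in standard IIS logs.

```python
import re
from urllib.parse import parse_qs

# Constructed sample log lines (not taken from the advisory). Simplified
# W3C-style fields: date time cs-method cs-uri-stem cs-uri-query sc-status.
# Assumption: the xml parameter is present in the logged query string.
SAMPLE_LOG = """\
2015-10-21 10:00:01 GET /Runtime/Runtime/AjaxCall.ashx xml=%3Cid%3E42%3C%2Fid%3E 200
2015-10-21 10:00:02 GET /Runtime/Runtime/AjaxCall.ashx xml=%3Cid%3E42%27+OR+1%3D1--%3C%2Fid%3E 200
2015-10-21 10:00:03 GET /Runtime/Runtime/Default.aspx - 200
2015-10-21 10:00:04 GET /Runtime/Runtime/AjaxCall.ashx xml=%3Cid%3E1%3B+WAITFOR+DELAY+%270%3A0%3A5%27%3C%2Fid%3E 500
2015-10-21 10:00:05 GET /Runtime/Runtime/AjaxCall.ashx - 400
"""

# Endpoint path from the advisory; compared case-insensitively since IIS paths are.
VULN_PATH = "/runtime/runtime/ajaxcall.ashx"
PARAM = "xml"

# Indicators of SQL syntax smuggled into a value that should only carry XML.
# These are a starting point for tuning, not an exhaustive rule set.
SQLI_INDICATORS = [
    ("tautology", re.compile(r"'\s*(or|and)\s+\S+\s*=\s*\S+", re.I)),
    ("comment", re.compile(r"--|/\*")),
    ("stacked statement", re.compile(r";\s*(select|insert|update|delete|drop|exec|waitfor)\b", re.I)),
    ("time-based probe", re.compile(r"\bwaitfor\s+delay\b", re.I)),
    ("union", re.compile(r"\bunion\s+(all\s+)?select\b", re.I)),
]


def parse_line(line):
    """Split one simplified W3C log line into a dict, or return None if malformed."""
    parts = line.split()
    if len(parts) != 6:
        return None
    date, time, method, stem, query, status = parts
    return {"time": f"{date} {time}", "method": method, "stem": stem,
            "query": "" if query == "-" else query, "status": int(status)}


def xml_param(entry):
    """Return the percent-decoded xml parameter value, or None if absent."""
    values = parse_qs(entry["query"]).get(PARAM)
    return values[0] if values else None


def classify(value):
    """Return the names of every indicator that matches the parameter value."""
    return [name for name, rx in SQLI_INDICATORS if rx.search(value)]


def scan(log_text):
    """Return one finding per request to the vulnerable endpoint whose
    xml parameter matches at least one SQL-injection indicator."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if not entry or entry["stem"].lower() != VULN_PATH:
            continue
        value = xml_param(entry)
        if value is None:
            continue
        reasons = classify(value)
        if reasons:
            findings.append({"time": entry["time"], "status": entry["status"],
                             "reasons": reasons, "value": value})
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['time']} status={f['status']} {', '.join(f['reasons'])}: {f['value']!r}")
```

Two caveats when adapting this: legitimate XML comments (`<!-- -->`) contain `--` and will trip the comment indicator, so that rule needs an exclusion or a lower weight in real deployments; and because standard IIS logs do not record POST bodies, a reverse proxy or WAF log that captures the parameter is needed to see requests sent with POST.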
For K2 blackpearl version 4.6.7, consider restricting access to the Runtime/Runtime/AjaxCall.ashx file until a patch is available.
For K2 smartforms version 4.6.7, avoid using the xml parameter in the affected API endpoint until the issue is resolved.
For K2 for SharePoint version 4.6.7, as a temporary workaround, consider disabling the AjaxCall.ashx file to prevent exploitation.
Exploit
Fix
SQL injection
Weakness Enumeration
Related Identifiers
Affected Products
K2 Blackpearl
K2 For Sharepoint
K2 Smartforms
Sharepoint Server