PT-2017-12589 · Slims · Slims

Trichimtrichop · Published 2017-08-06 · Updated 2017-08-14 · CVE-2017-12585

CVSS v3.1: 8.8 (High) · Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SLiMS versions 8 Akasia through 8.3.1
Description: The issue allows SQL injection through specific parameters and files, including the tableName and tableFields parameters of admin/AJAX_lookup_handler.php, as well as through admin/AJAX_check_id.php and admin/AJAX_vocabolary_control.php. It can be exploited by remote authenticated librarian users.
Recommendations: For versions 8 Akasia through 8.3.1, consider restricting access to the vulnerable files admin/AJAX_lookup_handler.php, admin/AJAX_check_id.php, and admin/AJAX_vocabolary_control.php until a patch is available. As a temporary workaround, avoid using the tableName and tableFields parameters of the affected endpoints.
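The tableName and tableFields parameters name SQL identifiers (a table and its columns), which a prepared statement cannot bind as placeholders; the usual fix is to accept only identifiers from a fixed allowlist and bind the actual search term. The following is an added illustration of that pattern, not SLiMS code; the table and column names, the keyword parameter and the query shape are assumptions.

```php
<?php
// Added example (not SLiMS code): hardened handling of lookup-style
// tableName / tableFields request parameters. The allowlist below is
// hypothetical; a real deployment lists only the tables and columns the
// lookup endpoint is meant to expose.
const LOOKUP_ALLOWLIST = [
    'mst_author'    => ['author_id', 'author_name'],
    'mst_publisher' => ['publisher_id', 'publisher_name'],
];

function quoteIdentifier(string $name): string {
    // Backtick-quote the identifier and escape embedded backticks (MySQL rules).
    // Only reached for names that already passed the allowlist check.
    return '`' . str_replace('`', '``', $name) . '`';
}

function buildLookupQuery(string $tableName, string $tableFields, string $keyword): array {
    // Unknown tables are rejected outright rather than "sanitised".
    if (!array_key_exists($tableName, LOOKUP_ALLOWLIST)) {
        throw new InvalidArgumentException("table not permitted: $tableName");
    }
    // tableFields is a comma-separated column list; every entry must be known
    // for the chosen table, so a crafted column expression never reaches SQL.
    $fields = array_map('trim', explode(',', $tableFields));
    foreach ($fields as $f) {
        if (!in_array($f, LOOKUP_ALLOWLIST[$tableName], true)) {
            throw new InvalidArgumentException("column not permitted: $f");
        }
    }
    $cols = implode(', ', array_map('quoteIdentifier', $fields));
    // The keyword is the only user value in the query and it is bound as a
    // parameter; the identifiers are interpolated only after allowlisting.
    $sql = 'SELECT ' . $cols . ' FROM ' . quoteIdentifier($tableName)
         . ' WHERE ' . quoteIdentifier($fields[0]) . ' LIKE ? LIMIT 20';
    return [$sql, ['%' . $keyword . '%']];
}

// Constructed inputs: one legitimate request and one that smuggles SQL
// through the identifier parameter.
[$sql, $params] = buildLookupQuery('mst_author', 'author_name,author_id', 'smith');
echo $sql, PHP_EOL;                       // identifiers are backtick-quoted, keyword is a ?
try {
    buildLookupQuery('mst_author', 'author_name) UNION SELECT passwd FROM user -- ', 'x');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
// With a PDO handle: $stmt = $pdo->prepare($sql); $stmt->execute($params);
```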

Exploit

Fix

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2017-12585

Affected Products

Slims