PT-2021-24211 · Oracle · Mysql Server

Published

2021-12-21

Updated

2022-01-04

CVE-2021-45255

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Video Sharing Website version 1.0

Description: The email parameter from the ajax.php endpoint of the Video Sharing Website appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's load file function with a UNC file path that references a URL on an external domain. The application interacted with that domain, indicating that the injected SQL query was executed.

Recommendations: For Video Sharing Website version 1.0, consider disabling the ajax.php endpoint or restricting access to the email parameter to minimize the risk of exploitation until a patch is available. Avoid using the email parameter in the affected endpoint until the issue is resolved.

Exploit

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2021-45255

Affected Products

Mysql Server

PT-2021-24211 · Oracle · Mysql Server

CVE-2021-45255

Weakness Enumeration

Related Identifiers

Affected Products

References · 5